SentSeven Logo
entseven
HomeAbout
PortfolioPlansNews & InsightsContact
SentSeven Logo
entseven

Full spectrum IT services combining hardware and software solutions to meet all your business needs.

EMEA Coverage24/7 Support

Services

  • Custom Software Development
  • Automation & AI Integration
  • Website Development
  • Business Applications & ERP/CRM
  • Cloud Solutions & SaaS Management

Industries

  • Education & Learning
  • Hospitality Excellence
  • Retail & E-Commerce
  • Healthcare Technology
  • Corporate & Enterprise Solutions

Contact

  • +971 58 243 2494
  • info@sentseven.com
  • Europe, Middle East & Africa

© 2025 Sentseven. All rights reserved.

Privacy PolicyTerms of Service

Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

October 8, 2025
2 min read
Clop hackers caught exploiting Oracle zero-day bug to steal executives’ personal data

Oracle has fixed a zero-day vulnerability in one of its flagship business software products that a hacking group is currently abusing to steal personal information about corporate executives. 

In a brief post updated over the weekend, Oracle chief security officer Rob Duhart said the tech giant released a new patch to fix a vulnerability in its Oracle E-Business suite, and urged customers to install the update as soon as possible.  

The security advisory said the bug, tracked officially as CVE-2025-61882, can be “exploited over a network without the need for a username and password.” The advisory provided several so-called indicators of compromise to help Oracle customers identify evidence of hackers on their systems, suggesting that hackers are currently exploiting the vulnerability to steal customers’ sensitive data. 

Oracle says thousands of organizations around the world use its E-Business Suite to run their companies, including storing their customer data and their employees’ human resources files. 

The bug is known as a zero-day because Oracle, in this case, was given no time to patch the bug before it was maliciously exploited. 

Duhart’s updated post is an about-face from earlier this week, when a previous version of his post said Oracle was aware that some executives “have received extortion emails” linked to previously identified vulnerabilities patched in July, suggesting the extortion campaign was over. The newly identified zero-day bug suggests the hackers continued to exploit flaws in Oracle’s E-Business software that were unknown to Oracle at the time. 

News of the extortion attempts targeting corporate executives first emerged last week.  

On October 2, Google security researchers said they found the prolific hacking group called Clop, which has been linked to numerous ransomware attacks and extortion attempts in recent years, was sending emails to Oracle executives around September 29 demanding money to not publish their personal information online. 

Charles Carmakal, the chief technology officer of Google’s incident response unit Mandiant, said in a post published Sunday on LinkedIn that the vulnerabilities in Oracle’s E-Business software were being used in a “mass exploitation” campaign for data theft and extortion.  

Much of the exploitation happened during August, said Carmakal, after the July patches were released. 

“Clop has been sending extortion emails to several victims since last Monday,” said Carmakal, but noted that the hackers haven’t reached out to all victims yet. 


Categories

Related Articles

Anker offered Eufy camera owners $2 per video for AI training

Oct 8

Ready to Transform Your Business?

Let's discuss how our innovative technology solutions can drive your business forward. Get in touch with our experts today.

Start your project