A major hacking campaign has hit Oracle Corporation’s E-Business Suite, one of the company’s most widely used products.
The breach, uncovered on Thursday, takes advantage of a serious security flaw that lets attackers break in and steal sensitive data from organizations around the world.
Investigators think the attack might be the work of the Cl0p extortion group, the same crew that is going after big enterprise software for years.
Oracle isn’t wasting any time, though. The company’s pushed out an emergency patch and is working around the clock with cybersecurity experts to stop the attack and protect its customers.
Critical flaw in Oracle systems exploited
The hackers are taking advantage of a serious weakness in Oracle’s E-Business Suite, officially labeled CVE-2025-61882.
For those who aren’t familiar, E-Business Suite is the software that companies use to handle core operations like customer management, supply chains, manufacturing, and logistics.
The flaw hits the Oracle Concurrent Processing component through its BI Publisher Integration.
What makes the cyberattack more serious is that the hackers can run code remotely without even needing to log in.
This is a big deal as the vulnerability has a critical severity score of 9.8.
In other words, if exploited, hackers could take complete control of affected systems, steal sensitive data, or even shut down operations entirely.
Oracle moved fast once the threat was spotted, rolling out an emergency patch on October 4, and urging all customers to install it right away.
They are not tackling this alone as cybersecurity teams from Mandiant and Google’s Threat Intelligence Group are digging into the attacks alongside Oracle.
What makes this breach tricky is that the hackers are chaining together multiple vulnerabilities, including some that had already been patched back in July 2025.
That combination makes the attack both complex and highly effective. Systems that are online and still using default configurations are especially vulnerable.
Oracle’s quick patch release is meant to stop further exploitation, but the situation is tense: leaked exploit code has already hit the internet, which means other threat actors could jump in and launch more attacks.
Google warns ‘dozens of organizations’ affected
Google has raised the alarm about a hacking campaign hitting Oracle’s E-Business Suite, impacting dozens of organizations around the world.
According to Google’s Threat Intelligence Group, “mass amounts of customer data” were compromised, and the operation may have been going on for as long as three months.
The attackers are believed to be tied to the notorious Cl0p extortion group and took advantage of a critical vulnerability that lets them run code remotely on Oracle’s widely used enterprise software.
According to reports, Cl0p group started breaching Oracle E-Business Suite customers back in August 2025, quietly stealing large amounts of data.
By late September, they had started sending extortion emails to executives at the affected companies, turning the data theft into a full-blown ransomware operation.
The post Oracle Corp hit by a massive hacking campaign? here’s what we know so far appeared first on Invezz