CrowdStrike ties Oracle EBS RCE (CVE-2025-61882) to Cl0p attacks began Aug 9, 2025

News
Yanac

CrowdStrike links Oracle EBS flaw CVE-2025-61882 (CVSS 9.8) to Cl0p, enabling unauthenticated RCE, first exploited on August 9, 2025. CrowdStrike researchers attributed with moderate confidence the exploitation of Oracle E-Business Suite flaw CVE-2025-61882 (CVSS 9.8) to the Cl0p group, also known as Graceful Spider. The critical bug allows unauthenticated remote code execution, with the firstSecurity AffairsRead More