Clop Hackers Exploit Oracle Zero-Day

Clop Hackers Caught Exploiting Oracle Zero-Day Bug to Steal Executives’ Personal Data

Oracle has urgently patched a zero-day vulnerability after Clop hackers exploited it to steal personal data from corporate executives. This flaw in Oracle’s flagship E-Business Suite allowed attackers to access sensitive information without a username or password, putting thousands of organizations at risk.

Oracle’s Chief Security Officer, Rob Duhart, confirmed over the weekend that the company released a critical patch and urged customers to update their systems immediately. The vulnerability, officially tracked as CVE-2025-61882, highlights how hackers continue to target software widely used to manage company operations and employee data.

What Makes This Oracle Zero-Day So Dangerous

The zero-day bug in Oracle’s E-Business Suite is particularly severe because it can be exploited remotely without any login credentials. This means hackers could steal confidential information from executives, including HR files and corporate records, in just a few steps.

Oracle has released indicators of compromise to help organizations determine whether their systems have been targeted. Experts warn that the active exploitation by Clop hackers demonstrates the persistent threat posed by cybercriminal groups seeking high-value data.

Timeline: How the Hack Unfolded

Earlier reports suggested extortion attempts against executives had stopped after July patches. However, the discovery of this zero-day proves that the hackers continued exploiting previously unknown vulnerabilities. Google security researchers flagged suspicious activity last week, confirming ongoing threats to corporate executives’ personal data.

The attack underscores how quickly vulnerabilities can be weaponized, leaving companies little time to protect sensitive information. Organizations using Oracle E-Business Suite are strongly advised to apply the patch immediately to mitigate risk.

How Companies Can Protect Themselves

  1. Patch Immediately: Ensure all Oracle E-Business Suite instances are updated to the latest version.

  2. Monitor Systems: Use Oracle’s indicators of compromise to check for signs of intrusion.

  3. Educate Executives: Corporate leaders should remain cautious of phishing or extortion attempts.

  4. Strengthen Security: Review network defenses and consider additional monitoring tools for critical systems.

Why This Matters

With thousands of organizations relying on Oracle for daily operations, the Clop hackers’ zero-day exploitation is a stark reminder that even widely used enterprise software can have hidden risks. Timely patching and proactive monitoring remain critical for safeguarding sensitive executive data.
