By Guru Baran
Publication Date: 2025-11-14 08:12:00
The infamous ransomware group Cl0P has claimed responsibility for the breach against digital security firm Entrust, exploiting a critical zero-day vulnerability in the Oracle E-Business Suite (EBS).
The attack associated with CVE-2025-61882is another high-profile victim in Cl0P’s relentless attack on companies that use Oracle’s enterprise software.
Cl0P, known for highly effective extortion schemes, announced the breach on its dark web leak site earlier this week. According to the post, attackers gained unauthorized access to Entrust’s systems via an unpatched vulnerability that allows remote code execution (RCE) in Oracle EBS environments.
The vulnerability, rated CVSS 9.8 due to its ease of exploit without authentication, affects multiple versions of EBS, a widely used financial and supply chain management platform. Oracle patched it in the October 2025 Critical Patch Update, but the delayed rollout has caused many companies…
