![\"A](\"https:\/\/dataconomy.com\/wp-content\/uploads\/2025\/10\/A-critical-Oracle-zero-day-flaw-is-being-actively-abused-by-hackers.jpg\" "\\"A")
<\/p>\n<\/p>\n
According to security researchers at Google, the Clop extortion gang has stolen data from \u201cdozens of organizations\u201d by exploiting multiple security vulnerabilities in Oracle\u2019s E-Business Suite software. A statement and blog post from Google on Thursday indicated the hacking campaign, which targets corporate executives with extortion emails, dates back to at least July 10.<\/p>\n
Earlier this week, Oracle acknowledged that hackers were still actively abusing a zero-day vulnerability in its software to steal personal and corporate data. This followed an earlier, now-removed, statement from the company\u2019s chief security officer that had suggested the campaign was over and linked to vulnerabilities patched in July. In a security advisory, Oracle described the flaw as a bug that can be \u201cexploited over a network without the need for a username and password.\u201d<\/p>\n
The attackers have been identified as the Russia-linked Clop ransomware and extortion gang, which has a history of conducting mass-hacking campaigns using zero-day vulnerabilities in corporate software, such as managed file transfer tools. Oracle\u2019s E-Business Suite is used by companies to manage operations and store sensitive data, including customer information and employee HR files.<\/p>\n
To assist network defenders, Google\u2019s blog post provides technical details and indicators of compromise, including specific email addresses, to help organizations identify if their Oracle systems have been affected.<\/p>\n