Oracle E-Business Suite Vulnerability Actively Exploited in Ransomware Campaigns
Federal cybersecurity authorities have confirmed active exploitation of a high-severity Oracle E-Business Suite vulnerability in ransomware campaigns. The server-side request forgery flaw allows unauthorized access to sensitive resources without authentication.
Federal Cybersecurity Agency Confirms Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially confirmed that a vulnerability affecting Oracle E-Business Suite customers is being actively exploited in ransomware attacks, according to reports released Monday. The agency has added the vulnerability, tracked as CVE-2025-61884, to its catalog of known exploited vulnerabilities, indicating confirmed malicious use by threat actors.