- Oracle patched CVE-2025-61884, a critical unauthenticated vulnerability in E-Business Suite
- ShinyHunters allegedly exploited the flaw to steal sensitive corporate data from multiple organizations
- This is Oracle’s second patch to exploit chains used in recent ransomware extortion campaigns.
Oracle has fixed another E-Business Suite vulnerability that was allegedly used by the ShinyHunters team to exfiltrate sensitive corporate data from many organizations.
Earlier this week, the company released a new security advisory announcing a fix for CVE-2025-61884. This vulnerability, discovered in E-Business Suite, “is remotely exploitable without authentication, that is, it can be exploited over a network without the need for a username and password,” Oracle explained. “If successfully exploited, this vulnerability can allow access to sensitive resources.”
This affects versions 12.2.3 through 12.2.14, Oracle added, emphasizing that it “always recommends that customers stay on actively supported versions and apply all security alerts and security patches from critical updates without delay.”
Breaking the exploit chain
Although the advisory does not mention ShinyHunters or the recent series of breaches, BleepingComputer has confirmed, with the help of a few cybersecurity organizations, that the patch does in fact break the exploit chain used by malicious actors.
This is the second patch released recently by Oracle to fix E-Business Suite flaws, both of which have reportedly been used by malicious actors to steal sensitive information.
In early October, executives at various companies in the United States began receiving extortion emails, claiming to have been sent by ransomware actors known as Cl0p. At the time, Oracle claimed that the attackers were actually exploiting an n-day-old vulnerability that had been patched a few months prior.
However, it quickly backtracked and released a patch for CVE-2025-61882, a bug that allowed an unauthenticated attacker with HTTP network access to compromise and take full control of the Oracle Concurrent Processing component of E-Business Suite.
Meanwhile, other malicious actors have begun targeting E-Business Suite users. Among them, ShinyHunters, notorious hackers part of the Scattered Lapsus$ Hunters collective, responsible for hacks at Qantas, Fujifilm and others.
Now, with the arrival of the second patch, we will see if the holes are finally plugged.
Via BeepComputer
Don’t forget to take a look at our Windows 10 end-of-life live updates here
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
