- Oracle patched CVE-2025-61884, a critical unauthenticated E-Business Suite vulnerability
- ShinyHunters allegedly leveraged the flaw to steal sensitive corporate data from multiple organizations
- This is the second patch from Oracle that addresses exploit chains used in recent ransomware extortion campaigns.
Oracle has patched another E-Business Suite vulnerability that was allegedly used by the ShinyHunters team to leak sensitive corporate data from numerous organizations.
Earlier this week, the company published a new security advisory, announcing a patch for CVE-2025-61884. This vulnerability, discovered in E-Business Suite, “can be exploited remotely without authentication, that is, it can be exploited over a network without requiring a username and password,” Oracle explained. “If successfully exploited, this vulnerability could allow access to sensitive resources.”
It affects versions 12.2.3-12.2.14, Oracle added, emphasizing that it “always recommends that customers stay on actively supported versions and apply all security alerts and critical update security patches without delay.”
Breaking the exploit chain
While the advisory does not mention ShinyHunters or the recent series of breaches, BleepingComputer confirmed, with the help of some cybersecurity organizations, that the patch does indeed break the exploit chain used by threat actors.
This is the second patch that Oracle recently released to address flaws in E-Business Suite, which were allegedly used by threat actors to steal sensitive information.
In early October, executives at several companies in the United States began receiving extortion emails, claiming to have been sent by ransomware actors known as Cl0p. At the time, Oracle claimed that the attackers were actually exploiting an n-day vulnerability that was patched a few months earlier.
However, it soon backtracked and released a patch for CVE-2025-61882, a bug that allowed an unauthenticated attacker with HTTP network access to completely compromise and take over Oracle’s concurrent processing component of E-Business Suite.
Meanwhile, other threat actors began targeting E-Business Suite users. Among them was ShinyHunters, notorious hackers who are part of the Scattered Lapsus$ Hunters collective, responsible for breaches at Qantas, Fujifilm and others.
Now, with the arrival of the second patch, we will see if the holes are finally covered.
Via BleepingComputer