Oracle Sees No Zero-Day Exploits Tied to Customer Extortion

Data-Grabbing Attacks Appear to Compromise Organizations Without July Patch Update Mathew J. Schwartz (euroinfosec) • October 3, 2025

Oracle is acknowledging that its customers are being targeted by data-stealing extortionists.

See Also: When Identity Protection Fails: Rethinking Resilience for a Modern Threat Landscape

The software giant and cybersecurity researchers say the criminals don't appear to be exploiting a zero-day vulnerability.

"Our ongoing investigation has found the potential use of previously identified vulnerabilities that are addressed in the July 2025 critical patch update," said Rob Duhart, CSO of Oracle Security, in a Thursday blog post (see: Extortionists Claim Mass Oracle E-Business Suite Data Theft).

"Oracle reaffirms its strong recommendation that customers apply the latest critical patch updates," Duhart said.

Of the 309 new security patches issued in July, nine are updates for Oracle E-Business Suite, of which three can be remotely exploited without authentication. Oracle said EBS users ...