Clop Exploits Oracle EBS Vulnerability CVE-2025-61882 for Data Extortion
Thursday, January 15, 2026
Top 5 Cybersecurity Stories You Should Know
- Clop Exploits Oracle EBS Vulnerability CVE-2025-61882 for Data Extortion — tl;dr: The Clop ransomware gang has exploited a critical vulnerability (CVE-2025-61882) in Oracle E-Business Suite, allowing unauthenticated remote code execution. This vulnerability has been actively targeted since August 2025, affecting major organizations like Canon and Dartmouth College. Instead of traditional ransomware tactics, Clop focuses on data theft and extortion, leveraging stolen data for financial gain. With a CVSS score of 9.8, organizations must treat critical platforms as prime targets, enhance data loss prevention measures, and assume compromise before vulnerabilities are publicly disclosed. Immediate audits for indicators of compromise are essential.
  ↪ https://www.cisoplatform.com/profiles/blogs/clop-s-oracle-ebs-rampage-another-day-another-zero-day-another-ro
- Microsoft Fixes Windows 0-Day CVE-2026-20805 Amid CISA Alert — tl;dr: Microsoft has patched a Windows information disclosure vulnerability tracked as CVE-2026-20805, which allows attackers to leak memory addresses from a remote ALPC port, potentially leading to arbitrary code execution. The Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement the fix by February 3, 2026. Administrators are advised to prioritize this patch due to the risk it poses to system security, particularly in undermining Address Space Layout Randomization (ASLR) protections.
  ↪ https://www.theregister.com/2026/01/14/patch_tuesday_january_2026/
- Microsoft Reports Ransomware Gangs Targeting Cloud Environments with New Tactics — tl;dr: In its Q1 2025 analysis, Microsoft Threat Intelligence warns that ransomware gangs are increasingly exploiting cloud environments using sophisticated techniques. Notably, state-affiliated group Moonstone Sleet has begun utilizing Ransomware-as-a-Service (RaaS) to enhance attack efficiency. The report highlights the aggressive targeting of hybrid cloud setups by groups like Storm-0501, which exploit insecure accounts to delete backups and extort victims. Organizations are urged to bolster their cybersecurity measures by securing cloud infrastructure, implementing timely patching, and ensuring robust backup solutions to mitigate the risks posed by these evolving ransomware threats.
  ↪ https://gbhackers.com/ransomware-gangs-exploit-cloud-environments/?trk=article-ssr-frontend-pulse_little-text-block
- Chrome Vulnerability CVE-2025-4664: Silent Data Leaker Exposed — tl;dr: A newly discovered vulnerability in Google Chrome, identified as CVE-2025-4664, poses a significant risk as a silent data leaker. This flaw allows unauthorized access to sensitive information without user awareness, potentially affecting millions of users. Organizations and individuals using Chrome are urged to update their browsers immediately to mitigate the risk. Users should regularly check for updates and consider implementing additional security measures, such as using VPNs and security extensions, to further protect their data from exploitation.
  ↪ https://www.linkedin.com/pulse/chrome-vulnerability-cve-2025-4664-silent-data-leaker-sharma-p-6jhqc
- Critical CVE-2020-11182 Affects Qualcomm Snapdragon Products — tl;dr: CVE-2020-11182 is a critical vulnerability rated 9.8 on the CVSS scale, affecting various Qualcomm Snapdragon products, including those used in automotive, consumer IoT, and mobile devices. The flaw stems from a buffer overflow due to inadequate input size checking when parsing NAL headers, potentially leading to a heap overflow. This vulnerability could severely compromise confidentiality, integrity, and availability. Users and organizations utilizing affected Snapdragon devices should prioritize applying patches provided by Qualcomm to mitigate risks associated with this critical security issue.
  ↪ https://feedly.com/cve/CVE-2020-11182