The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS).<\/p>\n
The attack, tied to CVE-2025-61882<\/a>, marks another high-profile victim in Cl0P\u2019s relentless assault on organizations using Oracle\u2019s enterprise software.<\/p>\n Cl0P, known for high-impact extortion schemes, announced the breach on their dark web leak site earlier this week. According to the post, attackers gained unauthorized access to Entrust\u2019s systems via an unpatched flaw that allows remote code execution (RCE) in Oracle EBS environments.<\/p>\n The vulnerability, rated CVSS 9.8 for its ease of exploitation without authentication, affects multiple versions of EBS, a widely used platform for financial and supply chain management. Oracle patched it in October 2025\u2019s Critical Patch Update, but delayed adoption has left many firms exposed.<\/p>\n Entrust, a provider of identity and access management solutions, confirmed the incident in a brief statement, noting that no customer data appears compromised.<\/p>\n \u201cWe are investigating the matter with urgency and have implemented enhanced security measures,\u201d the company said. However, cybersecurity experts warn that the breach could undermine trust in Entrust\u2019s services, given its role in securing digital certificates and authentication for global enterprises.<\/p>\n This isn\u2019t Cl0P\u2019s first rodeo with CVE-2025-61882<\/a>. Since disclosing the zero-day in September 2025, the group has listed over a dozen victims, including manufacturing giants and financial institutions.<\/p>\n Their tactic exfiltrating data before encryption has netted millions in ransoms while pressuring targets through public shaming. Analysts at Mandiant attribute the spree to Cl0P\u2019s shift toward \u201cbig game hunting,\u201d targeting vulnerabilities<\/a> in legacy enterprise systems.<\/p>\n The breach highlights persistent risks in supply chain security. Organizations relying on Oracle EBS should prioritize patching and conduct vulnerability scans immediately. As Cl0P\u2019s list grows, the incident underscores the need for proactive threat hunting in an era of sophisticated ransomware operations.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n![\"Clop](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjmRclYOUiTZmZGTCvJmKlLYUjjLVPLkZROy92PF98sew8VIZp-BbZYNqU12rAxGogRaHJK8eOKqtBhXPD70_RFsZGg3pEQmMeB1ms0Yd5P7B6SNww5uqwNQ5BVjbaoQaUxjsPN6L1Q3op8Hn9YObS80fZU5ESXxg9PPYsaYrF9NpVQ4PD3j6yTQdq3-lrd\/w640-h412\/Clop%2520Breach.webp?ssl=1\")