Major Incidents or Breaches

  • Oracle E-Business Suite (EBS) has been compromised via a critical zero-day vulnerability (CVE-2025-61882) that enables unauthenticated remote code execution. The Cl0p ransomware group actively exploited this flaw in recent data theft attacks, prompting Oracle to issue an emergency patch.
  • ParkMobile concluded a class action lawsuit related to its 2021 data breach affecting 22 million users. Victims are each receiving $1 in compensation as part of the settlement.

Newly Discovered Vulnerabilities

  • CVE-2025-61882: A critical remote code execution vulnerability in Oracle E-Business Suite, actively exploited in the wild by threat actors including Cl0p. Oracle has released an emergency patch to address this issue.
  • CVE-2025-27915: A Zimbra Collaboration Suite vulnerability (CVSS 5.4) was exploited as a zero-day earlier in the year in an attack targeting the Brazilian military. The attack leveraged malicious .ICS (iCalendar) files to deliver the exploit. The vulnerability has since been patched.

Notable Threat Actor Activity

  • Cl0p ransomware group exploited the Oracle EBS zero-day (CVE-2025-61882) in a recent campaign focused on data theft.

Trends, Tools, or Tactics of Interest

  • Use of malicious .ICS calendar attachments to exploit Zimbra Collaboration Suite (CVE-2025-27915) demonstrates ongoing interest in abusing productivity and collaboration tools for initial access.
  • The publication of an exploit script and rapid weaponisation of the Oracle EBS vulnerability (CVE-2025-61882) highlight threat actors’ ability to quickly operationalise newly discovered flaws for attacks.

Regulatory or Policy Developments Affecting the Security Industry

  • ParkMobile’s class action settlement following a major data breach sets a precedent for low-value compensation in large-scale breaches, with each affected user receiving $1.