Stay informed on Oracle security updates, vulnerabilities, and best practices for safeguarding your data with our focused Information Security insights.
Search across headline titles and summaries.
Background for this topic.
Oracle in information security is not about the prophetic figure of ancient myths, but rather it pertains to a critical aspect of cyber security concerning Oracle Corporation's products, particularly its database management systems. Oracle databases are widespread in enterprise environments, storing a wealth of sensitive information that, if compromised, could lead to significant data breaches and financial losses.
Oracle security, therefore, encompasses the various measures and practices that protect Oracle database servers from unauthorized access, misuse, or attack. This includes securing the database from internal threats, like privileged user abuse, and external threats such as SQL injection attacks. It also involves ensuring the integrity, confidentiality, and availability of the data held within Oracle databases through a combination of technical controls, policies, and procedures. Vigilance in monitoring, patch management, and staying informed about the latest Oracle security updates and vulnerabilities are essential components of maintaining robust security for Oracle-based systems.
Weekly headline count for the current query.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic […]
The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers.
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. [...]
Numerous organizations have been attacked via Oracle EBS zero-day CVE-2025-61882, and evidence suggests more like Schneider Electric could be on that list.
CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. [...]
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. [...]
CrowdStrike on Monday said it's attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider (aka Cl0p), and that the first known exploitation occurred on August 9, 2025
Oracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks
Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. [...]
Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. [...]
Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.
We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability.