Today’s threat landscape is dominated by a critical Oracle E-Business Suite zero-day vulnerability being actively exploited by the Clop ransomware gang for data theft, prompting urgent patch advisories from the FBI and CISA. Additionally, a severe GoAnywhere MFT bug is being used to deploy Medusa ransomware, and the Red Hat data breach has escalated with the involvement of the ShinyHunters extortion group. This summary covers the essential details you need to know to protect your organization.
Top 5 Critical Security Alerts
- Oracle E-Business Suite Zero-Day Under Active Exploit by Clop: A critical unauthenticated RCE vulnerability (CVE-2025-61882) in Oracle’s E-Business Suite is being actively exploited by the Clop ransomware gang for data theft attacks, prompting an emergency patch.
- FBI and UK Gov Issue Urgent Warning on Oracle Vulnerability: The FBI and UK’s NCSC are urging all organizations to patch the Oracle EBS zero-day immediately, describing it as a ‘stop-what-you’re-doing’ level threat due to widespread exploitation by Clop.
- Critical GoAnywhere MFT Bug Exploited in Medusa Ransomware Attacks: Microsoft reports that cybercrime group Storm-1175 is exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra’s GoAnywhere MFT to deploy Medusa ransomware.
- Red Hat Data Breach Escalates as ShinyHunters Joins Extortion: The data breach impacting enterprise software giant Red Hat has worsened, with the ShinyHunters extortion group now leaking stolen customer data and demanding a ransom.
- Redis Warns of Critical RCE Flaw Impacting Thousands of Instances: Redis has patched a maximum severity vulnerability that could allow unauthenticated attackers to achieve remote code execution on thousands of internet-exposed instances.
Threat Intelligence
- XWorm Malware Resurfaces with Ransomware Module and 35+ Plugins: The XWorm backdoor is being distributed in new phishing campaigns, now upgraded with a ransomware module and over 35 plugins for enhanced malicious capabilities.
- New Malware Leverages WhatsApp to Target Brazilian Organizations: A self-propagating malware is targeting Brazilian government and business users via WhatsApp, hijacking contact lists to spread and steal financial data.
- Suspected Chinese Cyber Spies Targeted Serbian Aviation Agency: A hacking group believed to be linked to China has targeted a Serbian government aviation department and other European institutions in a cyberespionage campaign.
- Zimbra Zero-Day Exploited to Target Brazilian Military: A now-patched XSS zero-day vulnerability (CVE-2025-27915) in Zimbra Collaboration was used in attacks against the Brazilian military via malicious ICS calendar files.
Security Breaches & Incidents
- Steam and Microsoft Warn of Unity Flaw Exposing Gamers to Attacks: A code execution vulnerability in the popular Unity game engine could be exploited by attackers to compromise gamers’ systems on both Android and Windows.
Security Tools & Best Practices
- How We Trained an ML Model to Detect DLL Hijacking: Kaspersky researchers provide a detailed breakdown of how they developed and trained a machine learning model to effectively identify and prevent DLL hijacking attacks.
Cloud & Network Security
- Zeroday Cloud Hacking Contest Offers $4.5 Million in Bounties: A new bug bounty competition, Zeroday Cloud, has been launched with a $4.5 million prize pool to encourage researchers to find and report exploits in open-source cloud and AI tools.
Security Standards & Frameworks
- CISA Adds Seven Known Exploited Vulnerabilities to Catalog: CISA has added seven vulnerabilities to its KEV catalog, including the critical Oracle EBS flaw (CVE-2025-61882), mandating immediate patching for federal agencies.
Emerging Security Technologies
- California Passes First Sweeping AI Safety Law: California has enacted SB 53, the first broad AI safety law in the U.S., which mandates that major AI developers adhere to strict safety protocols to prevent catastrophic risks.
- The Role of Artificial Intelligence in Today’s Cybersecurity Landscape: An analysis of how AI is transforming cybersecurity by enhancing threat detection, accelerating incident response, and enabling smarter threat hunting in XDR and SIEM platforms.
