Clop hackers exploit Oracle flaw to extort corporate executives; company issues emergency fix

Oracle rushed to release a patch for a zero-day flaw in its E-Business Suite after the Clop hacking group began stealing executives’ personal data and demanding ransom. The bug, which lets attackers break in without login credentials, fueled an ongoing extortion campaign, according to Google’s Mandiant team. Despite Oracle’s July updates, hackers kept exploiting new weaknesses through August, exposing major enterprise risks.