Home Innovation Oracle Worldwide Businesses Hit as FI...

Worldwide Businesses Hit as FIN11 Exploits Oracle EBS Weaknesses

Oracle

Business Honor
11 November, 2025

FIN11 hackers attacked businesses through Oracle software weaknesses, stealing massive data, this suggests a rise in AI-powered cybercrime threats.

A new wave of cyberattacks on Oracle E-Business Suite (EBS) systems has been linked to FIN11, a profitable hacker collective that has a history of major ransom attempts. Threatening emails were sent to leaders at hundreds of businesses throughout the campaign, that started in late September. After hacks using MOVEit, Cleo, and Fortra file transfer products, the Cl0p ransomware business strengthened its history of broad attacks by claiming responsibility.

There are 29 claimed victims of the hack listed on Cl0p's leak site. Harvard University, Wits University in South Africa, and Envoy Air, an American Airlines subsidiary, are among the reported victims. Schneider Electric, Emerson, Logitech, Cox Enterprises, Pan American Silver, LKQ Corporation, and Copeland are the other major businesses that haven't issued any public comments. According to experts, several businesses are running secret investigations or staying silent to avoid public enquiry.

SecurityWeek reports that archives containing hundreds of gigabytes to several terabytes of data from 18 victims have already been accessed. Some files seem to have originated from Oracle systems based on a structural analysis, suggesting that the attackers might have gained access to EBS environments. According to investigators, the hackers took advantage of two unfixed weaknesses (CVE-2025-61882 and CVE-2025-61884) which allow access to sensitive data without any identification.

This attack suggests an increase toward artificial intelligence-based fraud attempts as businesses try to reduce the effects. Future cyberattacks might target the digital infrastructure that supports international trade rather than particular individuals or networks.