Welcome to the ONSEC Cyber Daily for October 7, 2025. Today's issue dives into the unfolding saga of CVE-2025-61882, a critical vulnerability in Oracle's E-Business Suite that has sent shockwaves through the cybersecurity community. As cybercriminal forums buzz with chatter, organizations worldwide, including hospitals, are urged to patch immediately to thwart potential exploits by the notorious Clop ransomware group. With the FBI and UK government sounding the alarm, the urgency is palpable. Meanwhile, the role of Artificial Intelligence in cybersecurity continues to evolve, offering new defenses against such threats. Stay informed and secure as we unravel the latest developments in this high-stakes cyber drama.

Exploits Alert

1. Critical Vulnerability Alert: CVE-2025-61882 in Oracle E-Business Suite: A critical vulnerability in Oracle E-Business Suite, CVE-2025-61882, is under active exploitation by cybercriminals. Authorities like the FBI and UK's NCSC have issued urgent alerts urging organizations to patch immediately. The vulnerability poses a significant risk to enterprises, especially those in healthcare, as it could lead to unauthorized access and data breaches. Source: Bitsight, AHA, The Record, Identity Week, Cybernews, LinkedIn, The Cyber Express.
2. Microsoft Warns Of Critical Vulnerability As Windows 10 Support Deadline Nears: Microsoft has issued a warning about a critical vulnerability affecting Windows 10 as its support deadline approaches. Unpatched systems are at risk of cyberattacks, including ransomware, making it imperative for users to update their systems promptly. This vulnerability highlights the importance of maintaining up-to-date software to protect against potential threats. Source: Dataconomy.

Vulnerabilities & Patches

1. Critical Vulnerability Alert: CVE-2025-61882 in Oracle E-Business Suite: Oracle has disclosed a critical vulnerability in its E-Business Suite, tracked as CVE-2025-61882, which allows unauthenticated attackers to remotely execute code. This vulnerability has been actively exploited by the Clop ransomware group, prompting urgent patching recommendations from security agencies worldwide. Organizations using Oracle EBS are strongly advised to apply the patch immediately to mitigate potential risks. Source: BitSight
2. 50,000 Cisco Firewalls Vulnerable to RCE Flaws CVE-2025-20333 and 20362: Cisco has identified two critical remote code execution vulnerabilities in its firewall products, affecting approximately 50,000 devices globally. The vulnerabilities, CVE-2025-20333 and CVE-2025-20362, are being actively exploited, and both Cisco and CISA have issued urgent patching advisories. No workarounds are available, making immediate patching essential to prevent potential breaches. Source: MSN
3. Critical 9.9 Redis Vulnerability Enables Remote Code Execution: A severe vulnerability in Redis, with a CVSS score of 9.9, has been discovered, allowing attackers to execute arbitrary code remotely. The flaw is triggered by crafted Lua scripts that exploit a use-after-free condition in affected Redis instances. Administrators are urged to update their Redis installations to the latest version to protect against potential exploitation. Source: SC Media
4. Exploit Code Published for Google Chrome RCE: During the TyphoonPWN 2025 competition, a researcher uncovered a WebAssembly canonicalization bug in Chrome's V8 engine, leading to a remote code execution vulnerability. The exploit code has been published, raising the risk of widespread attacks. Google has released a patch, and users are advised to update their browsers immediately to mitigate the threat. Source: Cyber Press
5. Splunk Warns of Six Severe Security Bugs: Splunk has identified six critical security vulnerabilities affecting multiple versions of its Enterprise and Cloud Platform products. These vulnerabilities could allow attackers to gain unauthorized access or disrupt services. Splunk has released patches for all affected versions, and users are strongly encouraged to apply these updates to secure their environments. Source: SC Media

Podcasts

1. Glow in the Spark: This episode of the Twincast Podcast delves into the latest Transformers Cyberworld Armored Cyber Changers, exploring the intricacies of Wave 1 and 2. The hosts provide a detailed analysis of the new galleries, offering insights into the design and functionality of these figures. Fans of Transformers will appreciate the in-depth discussion and visual exploration. Source: Seibertron.com
2. Tackling Misconfigurations with ThreatLocker: In this episode from the CISO Series, Rob Allen, ThreatLocker's Chief Product Officer, discusses the company's innovative Defense Against Configuration (DAC) solution. The conversation centers around how DAC effectively addresses common misconfigurations that can lead to security vulnerabilities. Listeners will gain valuable insights into enhancing their cybersecurity posture through proper configuration management. Source: CISO Series

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is as dynamic as ever. The critical vulnerability CVE-2025-61882 in Oracle E-Business Suite serves as a stark reminder of the ever-present threats lurking in the shadows of our interconnected world. With no public proof-of-concept yet, the growing chatter in cybercriminal forums is a call to action for all Oracle users, especially those in healthcare, to patch immediately and safeguard their systems. The urgency of this situation cannot be overstated, as echoed by global cybersecurity authorities. It's a testament to the relentless efforts of cybercriminals and the need for constant vigilance. As we continue to navigate these challenges, remember that knowledge is power. By staying informed and proactive, we can collectively fortify our defenses against these evolving threats. If you found today's insights valuable, please share this newsletter with your friends and colleagues. Together, we can build a more secure digital future. Until next time, stay safe and stay informed!

ONSEC.io | LinkedIn

ONSEC.io | 1,839 followers on LinkedIn. Information security audits and penetration testing by a team of experts with an average experience of more than 7 years | ONSEC.io - is a penetration testing & in-depth security audit company with more than 13 years of experience on the market. Our team has already helped more than 300 companies be aware about possible system's vulnerabilities, including Republic, DMarket, LegionFarm, Parallels, Xsolla, Acronis, Manyсhat, Global Fashion Group and others. Our main goal is to increase the customer security level by finding and fixing security issues as well as improve security awareness inside the company, including developers, DevOps, and other teams to build a sustainable engineering culture with security knowledge.

LinkedIn

x.com

X (formerly Twitter)