Oracle has issued a critical security update for a zero-day vulnerability (CVE-2025-61882) in its E-Business Suite, actively exploited by the Clop ransomware gang to steal data. The flaw allows unauthenticated remote code execution and has been linked to recent data theft attacks, with threat actors sharing exploit code and indicators of compromise. Oracle urges immediate patching to prevent further exploitation.
Hackers have exploited a security vulnerability in the MOVEit file transfer tool, compromising the personal data of over 15.5 million individuals. The number of victim organizations affected by the Clop ransomware attacks continues to grow, with more than 140 known victims, including U.S. government agencies, universities, and public sector organizations. The list of casualties includes Oregon driver's license holders, Louisiana residents, members of the California Public Employees' Retirement System, Genworth Finance clients, Wilton Reassurance customers, Tennessee Consolidated Retirement System beneficiaries, and Talcott Resolution customers. The University of California-Los Angeles (UCLA) and Siemens Energy are among the newly listed victims. The exact number of impacted organizations and individuals remains unknown, and more victims are expected to come to light. The U.S. State Department has offered a $10 million bounty for information on the Clop ransomware group.
A global cyberattack by Russian cybercriminals has targeted federal and state agencies, private companies, and universities, exploiting a vulnerability in MOVEit software. The ransomware gang, Clop, is demanding multimillion-dollar payments from victims before publishing data it claims to have hacked. The full extent of the attack is not yet known, and victims are working to understand how much data was compromised. Consumers are advised to maintain usual cybersecurity precautions, but much of the responsibility now lies on businesses and federal agencies to update their software and protect against future attacks.
Hacker group Clop has published the names and company profiles of dozens of victims of a global mass hack, including banks, universities, and US federal bodies, on its darknet website. The group is using the leak site to pressure victims into paying ransom to avoid their data being breached. The mass hack is likely to have affected hundreds of organizations around the world, with around 50 confirmed so far. The hack was first disclosed on May 31 when US company Progress Software said hackers had found a way to break into its MOVEit Transfer tool.
A global cyberattack believed to be orchestrated by a Russian hacking gang called CLOP Ransomware has impacted several US federal agencies, NATO allies, and businesses worldwide. The gang is using a double extortion ransomware strategy, stealing sensitive data before encrypting it and demanding a ransom to prevent the leaking of information on their ransomware site. The US Cybersecurity and Infrastructure Security Agency (CISA) is working with affected agencies to mitigate the risk, and there is no indication that any military branches or intelligence communities have been impacted. The FBI and CISA have warned about the vulnerability in the file-sharing software MoveIt Transfer, which the gang is exploiting.
Ransomware gang Clop has listed the first batch of victims of its mass-hacks, which exploited a critical security vulnerability in the MOVEit Transfer tool used by corporations and enterprises to share large files over the internet. The victim list includes US-based financial services organizations, universities, and energy giant Shell. While the exact number of victims remains unknown, researchers report that Clop may have been exploiting the MOVEit vulnerability as far back as 2021. Many more victims are expected to be revealed in the coming days and weeks, with thousands of MOVEit servers still discoverable on the internet.
The US Department of Justice has indicted two Russian men for the 2011 hack of Mt. Gox, accusing them of siphoning out coins from the exchange for three years until it declared bankruptcy in 2014. Meanwhile, a study has found a vast network of child exploitation images and videos being sold and even commissioned on Instagram's open, public network, with automated recommendation algorithms promoting more CSAM materials to users who sought that horrific content. The notorious Russia-linked ransomware gang known as Clop has taken responsibility for stealing data from "hundreds of companies" through a vulnerability in the file-transfer service MOVEit Transfer, while cryptocurrency tracing firm Elliptic has found blockchain evidence tying a $35m hack of Atomic Wallet to North Korean state-sponsored hackers.
The Clop ransomware gang confirmed that they were behind the recent MOVEit Transfer data-theft attacks, with victims including Zellis, University of Rochester, and the Government of Nova Scotia. The Royal Ransomware gang has begun testing a new BlackSuit encryptor in limited attacks. Other news includes the discovery of new ransomware variants Cyclops and Xollam, and the arrest of an Army corporal for alleged involvement in the Rhysida ransomware attack on the Chilean army. Additionally, the University of Manchester warns that they suffered a cyberattack where data was likely stolen.
The Clop cybercrime gang, believed to be based in Russia, has issued an ultimatum to victims of a hack that has affected organizations worldwide. The group posted a notice on the dark web warning firms affected by the MOVEit hack to email them before 14 June or stolen data will be published. More than 100,000 staff at the BBC, British Airways, and Boots have been told payroll data may have been taken. Employers are being urged not to pay up if the hackers demand a ransom. Cybersecurity experts have long tracked the exploits of Clop, which is thought to be based in Russia as it mainly operates on Russian speaking forums.
The Clop ransomware group has exploited a vulnerability in the file transfer tool MOVEit to break into computer networks globally and steal sensitive information. The group has issued an extortion notice to potentially hundreds of affected companies, warning that they must contact the gang or be named on the group's extortion site. The US Cybersecurity and Infrastructure Security Agency has issued an advisory regarding Clop's campaign, warning that the gang has historically compromised thousands of organizations. Nova Scotia government and the University of Rochester are the first victims to be identified in North America.
Progress Software discovered a critical security flaw in its MOVEit software, which was already being exploited by cybercriminals to steal large amounts of data. The flaw was detected by a Progress customer on May 28, but the company spent two days confirming the warning before notifying customers on May 30. The notorious cybercriminal gang Clop has claimed responsibility for the data theft, which has affected at least one UK payroll processing company and its customers, including the BBC, Boots, and British Airways. Progress has patched the software to eliminate the threat.
Organizations of all sizes are being targeted by the Clop ransomware group through a critical vulnerability in the widely used file-transfer program, MOVEit. The attacks are fueled by a recently patched SQL injection vulnerability, allowing attackers to steal data from compromised servers. The attacks have hit banks, government agencies, and other targets in alarmingly high numbers. The attacks are described as widespread and are expected to get worse.
