Critical Flaw in Oracle Identity Manager Under Exploitation
darkreading
Actively Exploited
Summary
The article highlights the exploitation of CVE-2025-61757, which follows a breach of Oracle Cloud and an extortion campaign targeting Oracle E-Business Suite customers. This indicates a significant security threat that could impact numerous organizations relying on Oracle's services.
Impact
Oracle Identity Manager, Oracle Cloud, Oracle E-Business Suite
In the Wild
Yes
Timeline
Ongoing since earlier this year
Remediation
Organizations should apply security patches provided by Oracle for Oracle Identity Manager and Oracle Cloud. Additionally, implementing strong access controls and monitoring for unusual activities can mitigate the risk of exploitation.