Cox Enterprises just fessed up to a nasty data breach where hackers exploited a zero-day vulnerability in Oracle’s E-Business Suite, snagging personal info from over 9,000 folks after slipping in undetected back in August 2025—though they didn’t catch on until late September. The culprits? The notorious Cl0p ransomware gang, who pounced on this unpatched flaw (CVE-2025-61882) well before Oracle dropped a fix in early October, adding Cox to their growing list of victims on the dark web alongside big names like Logitech and the Washington Post. It’s a stark reminder that even massive outfits with $23 billion in revenue aren’t immune to these opportunistic attacks, especially when zero-days lurk in critical business software. For SMBs and MSPs, this underscores the need to stay vigilant with regular vulnerability scans and rapid patching—don’t wait for the other shoe to drop like Cox did. And hey, if you’re using Oracle tools, double-check those updates and consider bolstering your incident response plans to keep your operations from turning into a hacker’s playground.
You May Also Enjoy
French Football Federation discloses data breach after cyberattack
The French Football Federation (FFF) recently fessed up to a data breach where hackers snagged access to their admin software via a hijacked account, exposin...
Malicious LLMs empower inexperienced hackers with advanced tools
Malicious large language models like WormGPT 4 and KawaiiGPT are basically handing out cybercrime starter kits, letting script kiddies crank out sophisticate...
OpenAI discloses API customer data breach via Mixpanel vendor hack
OpenAI just fessed up to a sneaky data slip involving some ChatGPT API users, all thanks to a smishing attack on their analytics vendor, Mixpanel—yeah, that ...
Mixpanel Security Breach
Mixpanel recently spilled the beans on a security hiccup involving a smishing attack that snuck up on a handful of customers back on November 8th, 2025, prov...