Cox Enterprises hit by network compromise linked to Cl0p
Incident
Summary
Hide ▲
Show ▼
Cox Enterprises disclosed a data breach that exposed personal data after attackers used a zero-day flaw in Oracle E-Business Suite to breach its network. The compromise occurred in August 2025 and was detected on September 29, 2025, making the intrusion a delayed-discovery incident. The company later notified 9,479 impacted individuals and offered 12 months of identity theft protection and credit monitoring. The breach was also tied to Cl0p activity after the group added Cox Enterprises to its leak site on October 27.
Related Happenings
Oracle E-Business Suite unauth HTTP takeover security flaw (CVE-2026-46817)
Vulnerability
H score52
First: 29.06.2026 16:46
Last: 29.06.2026 16:46
Sources 1
About this happening:
**Oracle E-Business Suite** **CVE-2026-46817** is under **active exploitation**, putting **Oracle Payments** deployments at takeover risk. The flaw allows **unauthenticated HTTP a...
Oracle E-Business Suite unauth HTTP takeover security flaw (CVE-2026-46817)
VulnerabilityAbout this happening: **Oracle E-Business Suite** **CVE-2026-46817** is under **active exploitation**, putting **Oracle Payments** deployments at takeover risk. The flaw allows **unauthenticated HTTP a...
Oracle E-Business Suite May 2026 Critical Security Patch Update (CVE-2026-46817)
Security Patch Release
H score53
First: 29.06.2026 16:46
Last: 29.06.2026 16:46
Sources 1
About this happening:
**Oracle**'s **May 2026 Critical Security Patch Update** addressed **CVE-2026-46817** in **Oracle E-Business Suite**, a **critical** flaw in **Oracle Payments** that could let an...
Oracle E-Business Suite May 2026 Critical Security Patch Update (CVE-2026-46817)
Security Patch ReleaseAbout this happening: **Oracle**'s **May 2026 Critical Security Patch Update** addressed **CVE-2026-46817** in **Oracle E-Business Suite**, a **critical** flaw in **Oracle Payments** that could let an...
Oracle PeopleSoft broad zero-day exploitation campaign
Exploitation Wave
H score82
First: 29.06.2026 13:00
Last: 29.06.2026 13:00
Sources 1
About this happening:
A **broad PeopleSoft zero-day exploitation campaign** exposed **multiple organizations** to compromise after attackers abused a **previously unknown Oracle PeopleSoft vulnerabilit...
Oracle PeopleSoft broad zero-day exploitation campaign
Exploitation WaveAbout this happening: A **broad PeopleSoft zero-day exploitation campaign** exposed **multiple organizations** to compromise after attackers abused a **previously unknown Oracle PeopleSoft vulnerabilit...
Oracle PeopleSoft PeopleTools zero-day RCE (CVE-2026-35273)
Vulnerability
H score58
First: 11.06.2026 22:39
Last: 11.06.2026 22:39
Sources 1
About this happening:
**Oracle PeopleSoft PeopleTools CVE-2026-35273** is a critical **zero-day RCE** affecting **PeopleSoft Enterprise PeopleTools 8.61 and 8.62**. Oracle released **emergency mitigati...
Oracle PeopleSoft PeopleTools zero-day RCE (CVE-2026-35273)
VulnerabilityAbout this happening: **Oracle PeopleSoft PeopleTools CVE-2026-35273** is a critical **zero-day RCE** affecting **PeopleSoft Enterprise PeopleTools 8.61 and 8.62**. Oracle released **emergency mitigati...
Latest development: 29.06.2026 23:40
Nissan says it suffered a data breach affecting current and former employees after attackers exploited an Oracle PeopleSoft zero-day associated with CVE-2026-35273. Oracle informed Nissan that personnel records of hundreds of companies may have been obtained and that Nissan was specifically targeted, with potentially exposed data including contact details, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary data for employees in the United States, Canada, Mexico, and Brazil.
Madison Square Garden hit by network compromise linked to Cl0p
Incident
H score38
First: 02.03.2026 15:53
Last: 02.03.2026 15:53
Sources 1
About this happening:
**Madison Square Garden** confirmed a **data breach** that exposed **names and SSNs**, and it has started notifying affected people. The compromise involved a **hosted Oracle E-Bu...
Madison Square Garden hit by network compromise linked to Cl0p
IncidentAbout this happening: **Madison Square Garden** confirmed a **data breach** that exposed **names and SSNs**, and it has started notifying affected people. The compromise involved a **hosted Oracle E-Bu...
Timeline
-
22.11.2025 17:16 1 articles · 7mo ago
Suspicious activity discovered in Oracle E-Business Suite
Detection Ioc UpdateCox Enterprises became aware of suspicious activity involving Oracle’s E-Business Suite on September 29, 2025 and opened an internal investigation after cybercriminals exploited a previously unknown security flaw in the back-office platform between Aug. 9-14, 2025.
Show sources
- Cox Enterprises discloses Oracle E-Business Suite data breach — www.bleepingcomputer.com — 22.11.2025 17:16
-
22.11.2025 17:16 1 articles · 7mo ago
Cl0p leak-site publication tied to Cox Enterprises
Attribution UpdateCl0p claimed credit for exploiting CVE-2025-61882 as a zero-day in Oracle E-Business Suite, and on October 27, 2025 the group added Cox Enterprises to its dark-web data leak site and published stolen information.
Show sources
- Cox Enterprises discloses Oracle E-Business Suite data breach — www.bleepingcomputer.com — 22.11.2025 17:16
-
22.11.2025 17:16 2 articles · 7mo ago
Cox Enterprises notifies 9,479 impacted individuals
Initial DisclosureOn November 22, 2025, Cox Enterprises notified 9,479 impacted individuals about the data breach and offered 12 months of identity theft protection and credit monitoring through IDX at no cost, while not specifying the exact data types exposed in the sample notice.
Show sources
- Cox Enterprises discloses Oracle E-Business Suite data breach — www.bleepingcomputer.com — 22.11.2025 17:16
- Cox Enterprises discloses Oracle E-Business Suite data breach — www.bleepingcomputer.com — 22.11.2025 17:16