Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cl0p Oracle EBS supply chain campaign impacting multiple organizations

Campaign
First reported
Last updated
Happening score
H score 36
1 unique sources, 1 articles

Summary

Hide ▲

A Cl0p-linked Oracle EBS supply chain campaign is continuing, with around 100 organizations believed affected over the past two months. The growing disclosure list means the operation’s reach now spans major universities, media, and commercial organizations, increasing the risk of follow-on fraud and phishing. The exposed material was later posted on the dark web, reinforcing that the campaign remains operationally active.

Related Happenings

Oracle PeopleSoft broad zero-day exploitation campaign

Exploitation Wave
H score82 First: 29.06.2026 13:00 Last: 29.06.2026 13:00 Sources 1

About this happening: A **broad PeopleSoft zero-day exploitation campaign** exposed **multiple organizations** to compromise after attackers abused a **previously unknown Oracle PeopleSoft vulnerabilit...

ShinyHunters Oracle PeopleSoft data theft and extortion campaign

Campaign
H score60 First: 10.06.2026 21:31 Last: 10.06.2026 21:31 Sources 1

About this happening: **ShinyHunters**/**UNC6240** used **CVE-2026-35273** in **Oracle PeopleSoft Enterprise PeopleTools** as a **zero-day** to break into exposed systems, steal data, and extort victim...

Latest development: 29.06.2026 23:40

Nissan says attackers exploited an Oracle PeopleSoft vulnerability in a ShinyHunters-linked campaign and that the company was specifically targeted, with personal information for current and former employees in the United States, Canada, Mexico, and Brazil potentially exposed. Nissan says the material may include employee contact information, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information, and the company has activated incident response, engaged external cybersecurity experts, secured affected systems, and is working with Oracle.

Cl0p Oracle E-Business Suite zero-day extortion campaign

Campaign
H score37 First: 02.03.2026 15:53 Last: 02.03.2026 15:53 Sources 1

About this happening: The **Cl0p ransomware and extortion group** is running an **Oracle E-Business Suite** extortion campaign that used **zero-day vulnerabilities** to access data from **more than 100...

Madison Square Garden hit by network compromise linked to Cl0p

Incident
H score38 First: 02.03.2026 15:53 Last: 02.03.2026 15:53 Sources 1

About this happening: **Madison Square Garden** confirmed a **data breach** that exposed **names and SSNs**, and it has started notifying affected people. The compromise involved a **hosted Oracle E-Bu...

TikTok U.S. joint venture under September 2025 executive order

Public Sector Action
H score77 First: 23.01.2026 13:30 Last: 23.01.2026 13:30 Sources 1

About this happening: The U.S.-backed **TikTok USDS Joint Venture LLC** now lets **TikTok** keep operating in the **U.S.**, changing ownership and security oversight for a platform used by **over 200 m...

Timeline

  1. 08.12.2025 11:30 2 articles · 7mo ago

    Cl0p Oracle EBS campaign reaches Barts Health

    Campaign Scope Update

    Barts Health disclosed that Cl0p stole files from an Oracle E-Business Suite (EBS) invoice database and posted them on the dark web, exposing names and addresses linked to people liable for treatment or services. The trust said its electronic patient records, clinical systems and core IT infrastructure were unaffected, that it was working with NHS England, the National Cyber Security Centre, the Metropolitan Police and the Information Commissioner's Office, and that the wider Oracle EBS supply chain campaign has affected around 100 organizations including Harvard University, Allianz UK, The Washington Post, Dartmouth College, University of Pennsylvania, Broadcom and Abbott Laboratories.

    Show sources