The Clop ransomware group published a list that listed 39 new victims on its data leak site in the last 24 hours. This increase in listings suggests a major automated campaign.
The Clop ransomware gang has claimed breach of Oracle’s internal systems. This is part of a large extortion campaign taking advantage of a serious zero-day vulnerability in Oracle E-Business Suite (EBS), identified as CVE-2025-61882.
The latest list of alleged victims posted by the group includes:
Al Jomaih Automotive (🇸🇦): The largest General Motors dealer in the Middle East, based in Saudi Arabia.
Fruit of the Loom (🇺🇸): An American manufacturer of underwear, casualwear, and sporting goods.
Frontrol (🇺🇸): A provider of project controls and management software for the construction and engineering sectors.
Humana (🇺🇸): A leading American health insurance and healthcare company.
Abbott Laboratories (🇺🇸): An American multinational medical devices and healthcare company.
Mazda (🇯🇵): A major Japanese multinational automotive manufacturer.
MAS Holdings (🇱🇰): South Asia’s largest manufacturer of lingerie and sportswear.
Canon (🇯🇵): A Japanese multinational corporation specializing in optical, imaging, and industrial products.
Trane Technologies (🇮🇪): A global climate innovator creating efficient and sustainable indoor environments.
Grupo Bimbo (🇲🇽): The world’s largest baking company, headquartered in Mexico.
Bechtel (🇺🇸): An American engineering, procurement, construction, and project management company.
The Estée Lauder Companies (🇺🇸): A multinational manufacturer and marketer of prestige skincare, makeup, and fragrance products.
Alshaya Group (🇰🇼): A multinational retail franchise operator headquartered in Kuwait.
Fleet Management Limited (🇭🇰): One of the world’s largest independent third-party ship management companies.
Mazda USA (🇺🇸): The North American subsidiary of the Japanese automotive manufacturer Mazda.
Worley (🇦🇺): An Australian engineering company providing project delivery and consulting services.
L&L Products (🇺🇸): A technology-driven company creating engineering solutions for the automotive and aerospace industries.
University of Phoenix (🇺🇸): An American for-profit university specializing in online education.
Treet Group (🇵🇰): A Pakistani conglomerate known for manufacturing razors and batteries.
Greater Cleveland Regional Transit Authority (🇺🇸): The public transit agency for Cleveland and Cuyahoga County, Ohio.
A10 Networks (🇺🇸): An American public company specializing in application delivery controllers and cyber security.
Envoy Global (🇺🇸): A technology company providing workplace and visitor management software.
Broadcom (🇺🇸): A global technology leader in semiconductor and infrastructure software solutions.
Southern Illinois University (🇺🇸): A public university system in the state of Illinois.
Dooney & Bourke (🇺🇸): An American fashion company specializing in fashion accessories.
WellBiz Brands (🇺🇸): A franchise portfolio manager of health and wellness brands.
Michelin (🇫🇷): A French multinational tyre manufacturer.
Sumitomo Chemical (🇯🇵): A major Japanese chemical company.
Greenball Corporation (🇺🇸): An American tire and wheel distributor.
Thobe Al Aseel (🇸🇦): A Saudi Arabian company specializing in traditional men’s clothing.
Incentive Concepts (🇺🇸): A premium brand distributor for the corporate gift and incentive market.
Aosom (🇺🇸): An e-commerce retailer specializing in home goods, outdoor furniture, and pet supplies.
Legacy Classic Furniture (🇺🇸): A leading supplier of bedroom, dining, and casual dining furniture.
iBizSoft Inc (🇺🇸): A provider of ERP and eCommerce solutions.
Eighteen Pakistan (🇵🇰): A luxury real estate development project in Islamabad.
SIJ Acroni (🇸🇮): A Slovenian steel manufacturer producing flat-rolled steel products.
Zain Group (🇰🇼): A leading mobile telecommunications operator in the Middle East and Africa.
VIP Apps Consulting (🇬🇧): A management consulting and technology company.
Al Mahmal Facilities Services (MAFAS) (🇸🇦): A prominent facilities management company in Saudi Arabia.
Broadcom spokesperson said that “Broadcom uses Oracle’s E-Business Suite for certain internal corporate financial operations. Like many other organizations that use this software, Broadcom has been targeted by cybercriminals who have exploited zero-day vulnerabilities in the Oracle product. Broadcom has forensically examined and patched our Oracle system to remediate the vulnerabilities.”
“Broadcom operations are unaffected, and we are confident in the integrity of our financial data. If any of the limited types of data processed in Oracle are unlawfully disclosed, we do not expect it to pose significant risk to any of our customers, vendors, partners, or employees.”
The recent listing of 39 Clop ransomware probable victims shows a large-scale attack using the CVE-2025-61882 zero-day flaw in Oracle E-Business Suite (EBS). Major companies like Oracle, Mazda, Canon, Humana, and Broadcom are likely to be affected, indicating widespread vulnerability.
Organizations using Oracle EBS must quickly apply patches, isolate affected systems, monitor logs for unusual activity, and conduct urgent incident-response evaluations. Improving network segmentation, enforcing multi-factor authentication, and performing regular third-party security checks are essential to prevent future attacks.
Source: Hackmanac, dailydarkweb, cybersecuritynews