A new large-scale extortion campaign targeting Oracle E-Business Suite (EBS) was uncovered, linked to the CL0P extortion group. The campaign involved exploiting zero-day vulnerabilities to exfiltrate sensitive data from organizations and sending extortion emails to executives demanding payment to prevent data release. Oracle has issued multiple patches to address these vulnerabilities, with evidence suggesting prolonged exploitation efforts prior to the recent attacks.