Svoboda Cybersecurity Brief October 13, 2025
ScatteredLAPSUS$Hunters’ Salesforce extortion campaign fizzles
The threat group ScatteredLAPSUS$Hunters leaked data from only 6 of 39 targeted Salesforce customers after failing to extract ransom payments. Despite threats of a “massive leak,” the group gave no clear explanation for stopping, though they claimed some victims paid privately. The incident demonstrates the low reliability of leak threats from ransomware groups, even in high-profile campaigns.
Source: DataBreaches
Critical Oracle E-Business Suite flaw exposes data without authentication
Oracle disclosed CVE-2025-61884, a high-severity (CVSS 7.5) vulnerability in E-Business Suite versions 12.2.3 through 12.2.14, allowing unauthenticated attackers to access sensitive Configurator data via HTTP. The flaw follows recent exploitation of another EBS zero-day (CVE-2025-61882) linked to Cl0p-affiliated groups.
Impact: Unauthorized access to critical business data.
Mitigation: Apply Oracle’s latest patches immediately.
Source: The Hacker News
Fake “Inflation Refund” smishing scam targets New Yorkers
Attackers impersonate the New York Department of Taxation via SMS, directing victims to phishing sites that harvest SSNs, bank details, and contact info under the guise of processing refunds. Officials confirm no action is required to receive legitimate inflation refunds.
Source: BleepingComputer