CrowdStrike is tracking a mass exploitation campaign almost certainly leveraging a novel zero-day vulnerability – now tracked as CVE-2025-61882 – targeting Oracle E-Business Suite (EBS) applications for the purposes of data exfiltration.