Critical Zero-Day Vulnerabilities Expose Millions to Cyberattacks as Oracle and Redis Systems Come Under Fire

Critical zero-day vulnerabilities in Oracle E-Business Suite (CVE-2025-61882) and Redis (CVE-2025-49844) are being actively exploited by cybercriminals, with the Oracle flaw linked to Clop-affiliated threat actors targeting enterprise data since September 2025. Both vulnerabilities allow remote code execution and affect millions of systems worldwide, prompting emergency patches and urgent mitigation guidance from security experts and government agencies.