October 2025 CVE Landscape

Recorded Future's Insikt Group reports that October 2025 saw a surge in active exploitation across 32 high-impact CVEs (26 rated Very Critical), including zero-days exploited by CL0P against Oracle E-Business Suite (CVE-2025-61882) and a WSUS deserialization RCE (CVE-2025-59287), details CL0P's multi-stage Java malware chain and extortion activity, provides indicators of compromise, affected-instance exposure from Internet scans, and prioritized mitigation steps and detection templates for defenders.