Cl0p claims ransomware hit on NHS

Clop (sometimes written “Cl0p”) is a known for its multilevel extortion techniques and global malware distribution. 

The NHS appears alongside other names, one of which, US newspaper The Washington Post, has confirmed that it fell victim to a Cl0p attack orchestrated via two distinct vulnerabilities in Oracle’s E-Business suite, patched earlier in the autumn. NHS England’s digital teams published an advisory notice covering the Oracle bugs – CVE-2025-53072 and CVE-2025-62481 as on 23 October.