Dark Reading

Oracle WebLogic Exploit Used in Cryptocurrency Mining Campaign

Enterprises that failed to install Oracle's critical WebLogic patch last October could find their PeopleSoft and cloud-based servers churning out cryptocurrency, a new discovery shows. A security ...
Ars Technica

Zero-day attackers deliver a double dose of ransomware—no clicking required

Attackers have been actively exploiting a critical zero-day vulnerability in the widely used Oracle WebLogic server to install ransomware, with no clicking or other interaction necessary on the part ...
Threat Post

Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig

Snowballing attacks using a recently patched critical bug show no sign of abating. Malicious activity exploiting the recently disclosed Oracle WebLogic critical deserialization vulnerability (CVE-2019 ...

CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed servers.
Threat Post

Oracle: Unpatched Versions of WebLogic App Server Under Active Attack

CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after. Oracle is urging customers to fast-track a patch for a critical ...
Computer Weekly

Cyber criminals exploit Oracle WebLogic flaw

A cyber criminal campaign is deploying Monero cryptocurrency miners on hundreds of victims’ machines by exploiting a flaw in unpatched versions of Oracle’s Fusion Middleware, security researchers have ...
Bleeping Computer

Critical Oracle WebLogic flaw actively targeted in attacks

Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication. The ...
Ars Technica

Oracle app server hack let one attacker mine $226,000 worth of cryptocoins

In a report published on January 7 by SANS Technology Institute, Morphus Labs researcher Renato Marinho revealed what appears to be an ongoing worldwide hacking campaign by multiple attackers against ...
ZDNet

Oracle warns of attacks against recently patched WebLogic security bug

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
ZDNet

Oracle publishes rare out-of-band security update for WebLogic servers

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Dark Reading

Oracle Issues Alert For WebLogic Plugin Vulnerability

Oracle on Tuesday issued a Security Alert related to a vulnerability that affects the Apache plug-in for Oracle WebLogic, formerly known as BEA WebLogic. In an online post, Eric Maurice, manager for ...