A recently discovered zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with at least two strands of ransomware, security researchers from Cisco Talos have told ...

Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions. The security ...

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. If an organization hasn’t updated their Oracle WebLogic servers to protect them ...

Oracle WebLogic servers are under attack from hackers who are trying to take over vulnerable installations that have not received a recent patch for a critical vulnerability. The security bug at the ...

Security researchers have spotted a new zero-day vulnerability impacting the Oracle WebLogic server that is currently being targeted in the wild. Oracle has been notified of the zero-day, but the ...

The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit. Oracle has released a rare out-of-band patch for a ...

A threat actor is dropping a cryptominer and distributed denial-of-service (DDoS) malware on Oracle WebLogic Servers using "Hadooken." Researchers at Aqua Nautilus spotted the malware when it hit one ...

A new attack campaign compromises misconfigured Oracle WebLogic servers and deploys a backdoor program called Hadooken along with a cryptocurrency mining program, apparently to take advantage of weak ...

A Java EE application server from Oracle. Originally from BEA Systems, WebLogic Server applications are accessed by a Web browser or Java client. WebLogic Server is the core product of BEA WebLogic, ...

CISA addS three new bugs to KEV - two in Mitel’s MiCollab, and one in Oracle WebLogic Server The bugs allowed crooks to read sensitive files and take over vulnerable endpoints Federal agencies have ...