Dark Reading

Oracle WebLogic Exploit Used in Cryptocurrency Mining Campaign

Enterprises that failed to install Oracle's critical WebLogic patch last October could find their PeopleSoft and cloud-based servers churning out cryptocurrency, a new discovery shows. A security ...
Threat Post

New ‘Sodinokibi’ Ransomware Exploits Critical Oracle WebLogic Flaw

A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call “Sodinokibi.” A recently-disclosed critical vulnerability in ...
Threat Post

Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig

Snowballing attacks using a recently patched critical bug show no sign of abating. Malicious activity exploiting the recently disclosed Oracle WebLogic critical deserialization vulnerability (CVE-2019 ...
Dark Reading

Prophet Spider Exploits WebLogic CVEs to Enable Ransomware Attacks

The Prophet Spider threat actor is running multiple campaigns in which attackers exploit Oracle WebLogic server flaws to access target environments then pass on their access to attackers who deploy ...
Computer Weekly

Cyber criminals exploit Oracle WebLogic flaw

A cyber criminal campaign is deploying Monero cryptocurrency miners on hundreds of victims’ machines by exploiting a flaw in unpatched versions of Oracle’s Fusion Middleware, security researchers have ...