Enterprises that failed to install Oracle's critical WebLogic patch last October could find their PeopleSoft and cloud-based servers churning out cryptocurrency, a new discovery shows. A security ...

A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call “Sodinokibi.” A recently-disclosed critical vulnerability in ...

Snowballing attacks using a recently patched critical bug show no sign of abating. Malicious activity exploiting the recently disclosed Oracle WebLogic critical deserialization vulnerability (CVE-2019 ...

The Prophet Spider threat actor is running multiple campaigns in which attackers exploit Oracle WebLogic server flaws to access target environments then pass on their access to attackers who deploy ...

A cyber criminal campaign is deploying Monero cryptocurrency miners on hundreds of victims’ machines by exploiting a flaw in unpatched versions of Oracle’s Fusion Middleware, security researchers have ...

Oracle released an out-of-band security update to fix a vulnerability in WebLogic servers that was being actively exploited in the real world to hijack users' systems. Attacks using this vulnerability ...

A botnet known as DarkIRC is actively targeting thousands of exposed Oracle WebLogic servers in attacks designed to exploit the CVE-2020-14882 remote code execution (RCE) vulnerability fixed by Oracle ...