Security News

Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication. Oracle fixed the vulnerability in this month's release of Critical Patch Update, crediting security researcher Voidfyoo of Chaitin Security Research Lab for finding and reporting it.

Oracle is urging customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack. Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE applications.

Oracle has released an out-of-band emergency software update to patch a newly discovered critical vulnerability in the WebLogic Server. According to Oracle, the vulnerability—which can be...

Emergency security fix emitted for remote code exec hole exploited in the wild Oracle has issued an emergency critical update to address a remote code execution vulnerability in its WebLogic...

Oracle is urging users to update after a critical WebLogic Server Flaw was found being actively exploited in the wild.

Oracle on Tuesday announced that it has released emergency patches for a critical remote code execution vulnerability affecting WebLogic Server, a Java EE application server that is part of the...

Oracle has released an out-of-band fix for CVE-2019-2729, a critical deserialization vulnerability in a number of versions of Oracle WebLogic Server, and is urging customers to apply the security...

A recently patched vulnerability in Oracle WebLogic is being exploited in attacks aimed at installing crypto-miners on vulnerable machines, Trend Micro reports. read more

Snowballing attacks using a recently patched critical bug show no sign of abating.

Attackers are actively exploiting recently fixed vulnerabilities in Oracle WebLogic and the Widget Connector macro in Atlassian Confluence to deliver ransomware, mine cryptocurrency and make the...