Threat Post

New ‘Sodinokibi’ Ransomware Exploits Critical Oracle WebLogic Flaw

A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call “Sodinokibi.” A recently-disclosed critical vulnerability in ...

CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed ...
Threat Post

Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig

Snowballing attacks using a recently patched critical bug show no sign of abating. Malicious activity exploiting the recently disclosed Oracle WebLogic critical deserialization vulnerability (CVE-2019 ...
ZDNet

Oracle patches another actively-exploited WebLogic zero-day

Oracle released an out-of-band security update to fix a vulnerability in WebLogic servers that was being actively exploited in the real world to hijack users' systems. Attacks using this vulnerability ...
Dark Reading

Prophet Spider Exploits WebLogic CVEs to Enable Ransomware Attacks

The Prophet Spider threat actor is running multiple campaigns in which attackers exploit Oracle WebLogic server flaws to access target environments then pass on their access to attackers who deploy ...
ZDNet

Oracle publishes rare out-of-band security update for WebLogic servers

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...