Threat Post

Oracle WebLogic Server RCE Flaw Under Active Attack

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. If an organization hasn’t updated their Oracle WebLogic servers to protect them ...
Threat Post

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw

The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit. Oracle has released a rare out-of-band patch for a ...
ZDNet

New Oracle WebLogic zero-day discovered in the wild

Security researchers have spotted a new zero-day vulnerability impacting the Oracle WebLogic server that is currently being targeted in the wild. Oracle has been notified of the zero-day, but the ...
ZDNet

Recent Oracle WebLogic zero-day used to infect servers with ransomware

A recently discovered zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with at least two strands of ransomware, security researchers from Cisco Talos have told ...