Enterprises that failed to install Oracle's critical WebLogic patch last October could find their PeopleSoft and cloud-based servers churning out cryptocurrency, a new discovery shows. A security ...

Oracle fixes CVE-2026-21992 (CVSS 9.8) flaw enabling unauthenticated RCE via HTTP, risking full system compromise.

Snowballing attacks using a recently patched critical bug show no sign of abating. Malicious activity exploiting the recently disclosed Oracle WebLogic critical deserialization vulnerability (CVE-2019 ...

Attackers have been actively exploiting a critical zero-day vulnerability in the widely used Oracle WebLogic server to install ransomware, with no clicking or other interaction necessary on the part ...

A cyber criminal campaign is deploying Monero cryptocurrency miners on hundreds of victims’ machines by exploiting a flaw in unpatched versions of Oracle’s Fusion Middleware, security researchers have ...

Oracle has published on Sunday a rare out-of-band security update to address an incomplete patch for a recently disclosed vulnerability in Oracle WebLogic servers that is currently being actively ...

CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after. Oracle is urging customers to fast-track a patch for a critical ...

Hackers leveraged a server vulnerability to mine cryptocurrency across the globe Dan Kitwood/Getty Images Multiple hackers are exploiting a web server vulnerability that was patched by Oracle late ...

Oracle on Tuesday issued a Security Alert related to a vulnerability that affects the Apache plug-in for Oracle WebLogic, formerly known as BEA WebLogic. In an online post, Eric Maurice, manager for ...

Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication. The ...

Rule number one of IT security: Always. Patch. Promptly... Unpatched Oracle WebLogic servers have been targeted by two groups of cyber criminals looking to use powerful corporate servers to exploit ...