Over the past year and a half, Oracle WebLogic servers have been targeted incessantly, especially by criminal groups engaged in crypto-mining operations. CVE-2017-10271, above all, has remained ...

A recently discovered zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with at least two strands of ransomware, security researchers from Cisco Talos have ...

Oracle WebLogic servers continue to be hard hit with exploits. In May 2020, Oracle urged customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.

Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication.

Critical WebLogic flaw also targeted in previous attacks. One week after Oracle patched the vulnerability, threat actors started hunting for exposed Oracle WebLogic instances and checking if they ...