CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after. Oracle is urging customers to fast-track a patch for a critical ...

The remote code-execution flaw (CVE-2020-14750) is low-complexity and requires no user interaction to exploit. Oracle has released a rare out-of-band patch for a ...

Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions. The security ...

Security researchers have spotted a new zero-day vulnerability impacting the Oracle WebLogic server that is currently being targeted in the wild. Oracle has been notified of the zero-day, but the ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

A critical Oracle WebLogic vulnerability was weaponized almost immediately after public exploit code became available, according to a new honeypot-based analysis covering attack activity between ...

A recently discovered zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with at least two strands of ransomware, security researchers from Cisco Talos have told ...

A threat actor is dropping a cryptominer and distributed denial-of-service (DDoS) malware on Oracle WebLogic Servers using "Hadooken." Researchers at Aqua Nautilus spotted the malware when it hit one ...

Oracle released a revamped toolkit to make it easier to deploy WebLogic domains to Kubernetes clusters. Version 2.0 of the hyperscaler’s WebLogic Kubernetes Toolkit UI (WKT UI) features vital ...