Ars Technica

Zero-day attackers deliver a double dose of ransomware—no clicking required

Attackers have been actively exploiting a critical zero-day vulnerability in the widely used Oracle WebLogic server to install ransomware, with no clicking or other interaction necessary on the part ...
Threat Post

Oracle WebLogic Server RCE Flaw Under Active Attack

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. If an organization hasn’t updated their Oracle WebLogic servers to protect them ...