Attackers use zero-day to deploy new Sodinokibi ransomware strain on unpatched Oracle WebLogic servers.

Oracle WebLogic servers continue to be hard hit with exploits. In May 2020, Oracle urged customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.

Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions.

In June 2019, Oracle said that a critical remote code-execution flaw in its WebLogic Server (CVE-2019-2729) was being actively exploited in the wild.

Oracle warns of attacks against recently patched WebLogic security bug Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub.

Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken," which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks.

Oracle launches WebLogic Server 12c, a major revision of the company's Java app server with enhancements to better support cloud computing.

Servers are again at risk for the Oracle WebLogic Server flaw because of a faulty patch.