At the beginning of December, Oracle released WebLogic Server 12c. The new version of WebLogic is the first release of the application server to fully support the Java EE 6 standard, originally appro ...

Attackers are exploiting a recently disclosed WebLogic vulnerability to install a new ransomware called Sodinokibi. As this vulnerability is trivial to exploit, it is important that server admins ...

Oracle WebLogic servers continue to be hard hit with exploits. In May 2020, Oracle urged customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.

Originally from BEA Systems, WebLogic Server applications are accessed by a Web browser or Java client. WebLogic Server is the core product of BEA WebLogic, which Oracle acquired in 2008.

WebLogic zero-day has now received a patch According to a report Schultz's team published today, attackers exploited CVE-2019-2725, a zero-day in WebLogic 's WLS9_ASYNC and WLS-WSAT components.

Over the past year and a half, Oracle WebLogic servers have been targeted incessantly, especially by criminal groups engaged in crypto-mining operations. CVE-2017-10271, above all, has remained ...

A botnet known as DarkIRC is actively targeting thousands of exposed Oracle WebLogic servers in attacks designed to exploit the CVE-2020-14882 remote code execution (RCE) vulnerability fixed by ...

WebLogic is a platform for running applications at enterprise scale, and is often present at financial services providers, e-commerce operations, and other business-critical systems.