WebLogic is a platform for running applications at enterprise scale, and is often present at financial services providers, e-commerce operations, and other business-critical systems.

Over the past year and a half, Oracle WebLogic servers have been targeted incessantly, especially by criminal groups engaged in crypto-mining operations. CVE-2017-10271, above all, has remained ...

Oracle WebLogic servers continue to be hard hit with exploits. In May 2020, Oracle urged customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.

Attackers are exploiting a recently disclosed WebLogic vulnerability to install a new ransomware called Sodinokibi. As this vulnerability is trivial to exploit, it is important that server admins ...

WebLogic zero-day has now received a patch According to a report Schultz's team published today, attackers exploited CVE-2019-2725, a zero-day in WebLogic 's WLS9_ASYNC and WLS-WSAT components.

At the beginning of December, Oracle released WebLogic Server 12c. The new version of WebLogic is the first release of the application server to fully support the Java EE 6 standard, originally appro ...

Originally from BEA Systems, WebLogic Server applications are accessed by a Web browser or Java client. WebLogic Server is the core product of BEA WebLogic, which Oracle acquired in 2008.

Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication.