CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed servers.
CSOonline

Two-year old Oracle WebLogic Server vulnerability is being exploited

Its inclusion in the US CISA catalog of known exploited vulnerabilities is a warning to admins that patching is needed now. US federal government departments have been given until Thursday to patch a ...
Morning Overview on MSN

A 9.8-rated Oracle flaw let hackers seize servers for two weeks before any patch existed

Organizations running Oracle WebLogic Server faced active attacks for roughly two weeks before any official fix arrived, ...
Bleeping Computer

New Linux malware Hadooken targets Oracle WebLogic servers

Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken," which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. The ...
PC Magazine

BEA WebLogic Server

A Java EE application server from Oracle. Originally from BEA Systems, WebLogic Server applications are accessed by a Web browser or Java client. WebLogic Server is the core product of BEA WebLogic, ...