Oracle released a new warning that a previously patched Weblogic vulnerability CVE-2020-2883 is being exploited in the wild. The company further urged organizations should apply April CPUs without delay.
Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.
Cyber criminals are targeting vulnerable software and gaps in managed service providers' (MSP) security systems to distribute Sodin ransomware.
Oracle has released a patch for a critical vulnerability CVE-2019-2729 in Oracle WebLogic Server, exploited in the wild. The company also warns bad actors can remotely exploit the flaw without a username and password.
Trend Micro security researchers have spotted an Oracle vulnerability that is being abused to deliver dual Monero miner malware. The Oracle WebLogic WLS-WSAT vulnerability (CVE-2017-10271) allows remote code execution and was patched by Oracle back in October.