Morning Overview on MSN

A 9.8-rated Oracle flaw let hackers seize servers for two weeks before any patch existed

Organizations running Oracle WebLogic Server faced active attacks for roughly two weeks before any official fix arrived, ...

CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed servers.
Bleeping Computer

Oracle issues emergency patch for critical WebLogic Server flaw

Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions. The security ...
Hosted on MSN

Inside Oracle's zero-day chaos: how Clop rewrote the ransomware rulebook

In August 2023 a zero day was dropped by one of the most functional ransomware gangs and wasand was unknown to most, including security researchers and journalists. CVE-2023-21839, a vulnerability in ...