CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed ...
Morning Overview on MSN

A 9.8-rated Oracle flaw let hackers seize servers for two weeks before any patch existed

Organizations running Oracle WebLogic Server faced active attacks for roughly two weeks before any official fix arrived, ...
SecurityWeek

Oracle WebLogic Vulnerability Exploited in the Wild

CISA is warning organizations that an Oracle WebLogic vulnerability patched nearly two years ago is being exploited in the ...
Bleeping Computer

CISA flags two-year-old Oracle flaw as actively exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched ...
The Hacker News

Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

CVE-2024-21182 entered CISA's KEV catalog after active exploitation evidence, requiring federal patching by June 4, 2026.
ZDNet

Recent Oracle WebLogic zero-day used to infect servers with ransomware

A recently discovered zero-day vulnerability has been abused for over a week to infect Oracle WebLogic servers with at least two strands of ransomware, security researchers from Cisco Talos have told ...
InfoWorld

Automate resource configuration on WebLogic Server

Every deployable J2EE component must be specifically configured on the application server to function. For WebLogic Server, developers generally complete this configuration manually by using the ...
ZDNet

New Oracle WebLogic zero-day discovered in the wild

Security researchers have spotted a new zero-day vulnerability impacting the Oracle WebLogic server that is currently being targeted in the wild. Oracle has been notified of the zero-day, but the ...