Oracle WebLogic Server OS Command Injection Flaw Under Active Attack
June 4, 2024 at 12:06AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw in Oracle WebLogic Server to the catalog of Known Exploited Vulnerabilities, allowing unauthorized server access and control. A China-based group, 8220 Gang, has used the flaw for crypto-mining botnet attacks. Federal agencies are advised to apply fixes by … Read more