CRN

Oracle Warns Of Major WebLogic Vulnerability

In an advisory issued earlier this week, Oracle said an exploit has begun circulating that affects WebLogic Server applications that use versions of the WebLogic plug-in for Apache server released ...
Dark Reading

Critical Flaw in Oracle Identity Manager Under Exploitation

The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year and a extortion campaign against Oracle ...
The Register on MSN

CISA orders feds to patch Oracle Identity Manager zero-day after signs of abuse

Agencies have until December 12 to mitigate flaw that was likely exploited before Big Red released fix CISA has ordered US ...
The Hacker News

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability

CISA adds exploited Oracle Identity Manager CVSS 9.8 flaw to KEV catalog as agencies rush to patch zero-day attacks.
InfoWorld

Oracle issues warning over dangerous WebLogic flaw

Oracle is scrambling to create an emergency patch for a severe vulnerability in its WebLogic server that can be exploited over a network without a need for a username or a password Oracle is ...
Bleeping Computer

Oracle silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...
Ars Technica

Oracle vulnerability that executes malicious code is under active attack

Recently patched WebLogic security bug requires little skill and no authentication. Some programmer at tangosol P/O'd about the Oracle acquisition and left that gem in there? I love seeing these ...