Bleeping Computer

Oracle silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...
Bleeping Computer

CISA warns of critical Oracle, Mitel flaws exploited in attacks

CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. The ...
heise online

Oracle protects applications against possible attacks with 318 security updates

Admins of companies with Oracle applications should install the security updates that are now available promptly. If this is not done, attackers can completely compromise systems in the worst case. In ...
TechRadar

Oracle servers targeted by new Linux malware to steal passwords, crypto

Criminals have been spotted abusing poorly-defended Oracle WebLogic servers to mine cryptocurrency, build a DDoS botnet, and more. Cybersecurity researchers Aqua saw several attacks in the wild, and ...
CSOonline

Critical Mitel, Oracle flaws find active exploitation, CISA urges patching

CISA added the flaws to its known vulnerability catalog, recommending swift patching pursuant to Binding Operational Directive (BOD) 22-01. Attackers are actively expoiting flaws in Mitel MiCollab ...
CSOonline

New cryptomining campaign infects WebLogic servers with Hadooken malware

A new attack campaign compromises misconfigured Oracle WebLogic servers and deploys a backdoor program called Hadooken along with a cryptocurrency mining program, apparently to take advantage of weak ...
Dark Reading

'Hadooken' Malware Targets Oracle's WebLogic Servers

A threat actor is dropping a cryptominer and distributed denial-of-service (DDoS) malware on Oracle WebLogic Servers using "Hadooken." Researchers at Aqua Nautilus spotted the malware when it hit one ...