CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed ...
The Hacker News

Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

CVE-2024-21182 entered CISA's KEV catalog after active exploitation evidence, requiring federal patching by June 4, 2026.
CSO Online

Two-year old Oracle WebLogic Server vulnerability is being exploited

Its inclusion in the US CISA catalog of known exploited vulnerabilities is a warning to admins that patching is needed now.
SecurityWeek

Oracle WebLogic Vulnerability Exploited in the Wild

CISA is warning organizations that an Oracle WebLogic vulnerability patched nearly two years ago is being exploited in the ...
Bleeping Computer

CISA flags two-year-old Oracle flaw as actively exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched ...
Threat Post

New ‘Sodinokibi’ Ransomware Exploits Critical Oracle WebLogic Flaw

A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call “Sodinokibi.” A recently-disclosed critical vulnerability in ...
Dark Reading

Prophet Spider Exploits WebLogic CVEs to Enable Ransomware Attacks

The Prophet Spider threat actor is running multiple campaigns in which attackers exploit Oracle WebLogic server flaws to access target environments then pass on their access to attackers who deploy ...