Oracle is urging customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack. The company said it has received numerous reports that attackers were targeting the ...

The recent attacks and the bypass of the original patch are what drove Oracle to issue a second set of patches on Sunday, in a rare out-of-band security update. Companies that run WebLogic servers ...

Oracle also says that the vulnerability is related to CVE-2020-14882, another 9.8 out of 10 critical WebLogic Server flaw that was addressed in the October 2020 Critical Patch Update, two weeks ago.

In June 2019, Oracle said that a critical remote code-execution flaw in its WebLogic Server (CVE-2019-2729) was being actively exploited in the wild.

For the new release of its WebLogic, Oracle has tailored the enterprise Java application server so that it can be used more easily in cloud deployments.

Oracle WebLogic is a Java application server and it’s used by many businesses to build and deploy enterprise applications. Its popularity and widespread use has made it a target in the past.

Oracle warns of attacks against recently patched WebLogic security bug Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub.