SEARCH
Archive
Java Crypto Bug Allows Forging of Signatures, Certificates
A critical bug in Java's implementation of ECDSA (CVE-2022-21449) can allow an attacker to forge a signature or certificate to deliver virtually any payload.
Oracle Releases Emergency Patch for WebLogic Flaw
Oracle has pushed an emergency patch for CVE-2020-14750, a remotely exploitable flaw in its WebLogic application server.
Attackers Using Oracle WebLogic Flaw to Install Sodinokibi Ransomware
The Sodinokibi ransomware is being installed on vulnerable Oracle WebLogic servers that haven't been patched against CVE-2019-2725.