Threat actors exploited the CVE-2017-10271 vulnerability which allows for remote code execution to deliver both a 64-bit variant and a 32-bit variant of an XMRig Monero miner, according to a 26 February blog post.
A malicious campaign that's been exploiting a vulnerability in Oracle's WebLogic application servers in order to install a Monero cryptominer on victims' machines spreads the threat worldwide, across virtually all industry sectors.
Oracle recently patched a Micros point-of-sale vulnerability which could have allowed an attacker to read any file and receive information about various services without authentication from a vulnerable MICROS workstation.
Oracle Corporation issued a series of emergency patches on Tuesday last week, fixing five vulnerabilities in its Tuxedo middleware platform, including a critical one that has been compared to Heartbleed.
Oracle Corp's quarterly Critical Patch Update (CPU) has fixes for 252 vulnerabilities, including extremely severe bugs found in the company's Hospitality Applications, Siebel CRM solution, and PeopleSoft HR software.
Oracle issued seven security updates to patch vulnerabilities found in Apache Struts 2.
Oracle CSO Mary Ann Davidson penned a blog post on Monday and warned researchers they would receive a legal letter if they continued to reverse engineer the company's code.
Patch Tuesday sees major slew of vulnerabilities to be fixed
Hundreds of thousands of visitors to the Yahoo.com website may have encountered malware from the website's own advertising servers, according to security experts.
Oracle say 12 of the new vulnerabilities identified in Java could allow full take-over of a device if left unfixed.
Oracle has said that making Java more secure is a priority, as it lines up regular patch updates.
Oracle has announced a security update for the zero-day flaw in Java that was widely reported last week that will be released soon.