Honey for Hackers: A Study of Attacks Targeting the Recent CVE-2026-21962 and Other Critical WebLogic Vulnerabilities on a High Interactive Oracle Honeypot A high-interaction honeypot emulating an unpatched Oracle WebLogic Server (v14.1.1.0.0) recorded immediate and widespread exploitation attempts against the newly disclosed unauthenticated RCE CVE-2026-21962, plus continued scans targeting older critical WebLogic RCEs over a 12-day period (Jan 22–Feb 3, 2026). Attackers quickly weaponized the public exploit and used rented VPS (e.g., DigitalOcean, HOSTGLOBAL.PLUS), automated scanners (libredtail-http, Nmap NSE) and common techniques like path traversal and Java deserialization to gain RCE, underscoring urgent patching and layered defenses. #CVE-2026-21962 #OracleWebLogic

A high-interaction honeypot captured rapid exploitation of CVE-2026-21962 and ongoing attacks on older Oracle WebLogic RCEs using rented VPS, automated scanners, path traversal, and Java deserialization techniques. #OracleWebLogic #RCEAttacks

Mitel 0-day, 5-year-old Oracle RCE exploited in the wild 3 CVEs added to CISA's catalog

Mitel の 0-day、5 年前の Oracle RCE バグがアクティブに悪用される

Mitel 0-day, 5-year-old Oracle RCE bug under active exploit #Register (Jan 8)

#MitelMiCollab #OracleWebLogic #ゼロデイ脆弱性 #リモートコード実行 #サイバーセキュリティ

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency New Linux malware 'Hadooken' targets Oracle Weblogic, deploys crypto miners and DDoS botnet. Exploits vulnerabilities for lateral movement.

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency
thehackernews.com/2024/09/new-...
#Infosec #Security #Cybersecurity #CeptBiro #LinuxMalwareCampaign #Exploits #OracleWeblogic #MineCryptocurrency

Oracle warnt vor erheblicher WebLogic-Sicherheitslücke Aufgrund eines kritischen WebLogic-Fehlers rät Oracle dri...

Erhebliche Sicherheitslücke: Oracle rät WebLogic-Usern dringend zur Installation von Updates. http://ow.ly/61zs50uN9Qr

#OracleWebLogic #WebLogic #OracleSecurityAlert