The vulnerability, CVE-2024-21182, affects Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0.
Tag: Oracle
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic…
AI, Exploits, Global Security News, Government & Policy
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. […]
AI, Cybersecurity, Exploits, Global Security News, Network Security
Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’
Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to address urgent vulnerabilities that can’t wait for the company’s quarterly patching. The initial batch addresses 35 flaws, including several for which exploit code is publicly available. In total, there are 11 flaws rated ‘critical’, 18 rated…
AI, APAC, Apps, Global Security News
Oracle will patch more often to counter AI cybersecurity threat
Oracle plans to issue security patches for its ERP, database, and other software on a monthly cycle, rather than quarterly, to respond to the increased pace of AI-enabled software vulnerability discovery. Other software vendors, notably Microsoft, SAP, and Adobe, already release patches on a monthly beat, always on the second Tuesday of each month. Oracle,…
AI, Global Security News
Oracle rolls out monthly security patch updates
Oracle is changing how its security fixes are delivered: starting in May 2026, there will be a monthly Critical Security Patch Update. “Each [monthly] CSPU is smaller and more focused, making it easier to apply critical fixes quickly [to customer-managed deployments],” Oracle says. Quarterly Critical Patch Updates (CPUs) remain in place and will continue to…
AI, APAC, Apps, Global Security News, Network Security, Risk Management
Oracle Builds for AI While Channel Rivals Chase Share
Oracle is reshaping its enterprise strategy around AI, multicloud infrastructure, and deeper ties with hyperscale partners such as AWS. But as the company pours billions into data centers, pushes agentic AI across its portfolio, and cuts jobs to support that transition, rivals see an opening to compete more aggressively for Oracle-adjacent workloads. That opportunity is…
AI, Global Security News, Network Security
VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes
Oracle shipped VirtualBox 7.2.8 on April 21, 2026, as a maintenance release covering crashes, networking problems, clipboard issues, and extended Linux kernel compatibility. The update touches the VMM layer, NAT networking, graphics, UEFI, and both Linux and Windows guest support. VMM and core stability A Guru Meditation error carrying the code VERR_IEM_IPE_4 is fixed in…
AI, Global Security News
Celonis and Oracle expand collaboration to power Enterprise AI and accelerate IT modernisation
Celonis and Oracle have expanded their long-standing collaboration opening up additional features to joint customers.
AI, Compliance, Global Security News, Risk Management
Oracle Shifts AI Strategy to Database-Centric Approach
At its latest stop on the Oracle AI World Tour in London, Oracle took a slightly different stance on AI. Instead of leaning into the model race like so many others, the company is making a case for putting the database at the center of how agentic AI actually works in practice. Oracle targets agentic…
AI, Global Security News
Real-time Analytics News for the Week Ending March 28
In this week’s real-time analytics news: Oracle announced new agentic AI features for Oracle AI Database. The post Real-time Analytics News for the Week Ending March 28 appeared first on RTInsights.
Global Security News
Meet the ‘Corporate Bro’ Making Millions Satirizing Tech Sales
Ross Pomerantz, a former Oracle employee, has carved out a lucrative niche in a crowded creator economy.
Exploits, Global Security News
Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
Attackers rapidly exploited a critical Oracle WebLogic RCE flaw the same day exploit code was released, according to a CloudSEK honeypot study
AI, Apps, Global Security News, Risk Management
Opkey Debuts Solution to Solve Enterprise SaaS Release Fatigue
Opkey, a provider of a cloud application lifecycle management (CALM) platform for Oracle, Workday, Coupa, UKG, and others, has announced the release of an agentic AI-powered solution to rapidly turn enterprise SaaS releases into tailored insights, impact analysis, and testing plans for unique environments. Speeding up Oracle and Workday release analysis The Opkey Release Advisor…
AI, Global Security News
Oracle Launches AI Customer Excellence Centre to Drive Innovation Across Australia and Oceania
Sydney-based Oracle AI Customer Excellence Centre will serve as a regional hub to help organisations adopt the latest AI innovations and accelerate business transformation.
Exploits, Global Security News
Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)
Oracle has released an out-of-band patch for a critical and easily exploitable vulnerability (CVE-2026-21992) in Oracle Identity Manager and Oracle Web Services Manager. The company did not say whether the vulnerability has been exploited as a zero-day, but has urged customers to apply the updates or provided mitigations as soon as possible. About CVE-2026-21992 CVE-2026-21992…
Global Security News
Oracle vulnerability (CVE-2026-21992) impacts core products
Categories: Threat Research Tags: advisory, vulnerability, Oracle
AI, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager
Oracle fixed a critical severity flaw, tracked as CVE-2026-21992, enabling unauthenticated remote code execution in Identity Manager. Oracle released security updates to address a critical vulnerability, tracked as CVE-2026-21992 (CVSS score of 9.8), affecting Identity Manager and Web Services Manager. The flaw lets unauthenticated attackers over HTTP take control of Oracle Identity Manager and Web…
GeekGuyBlog
Native Launches With Security Control Plane for Multicloud
Discover how Native’s new security control plane enhances multicloud security management, simplifying policy enforcement across major platforms.
AI, Exploits, Global Security News
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to achieve remote code execution. The vulnerability, tracked as CVE-2026-21992, carries a CVSS score of 9.8 out of a maximum of 10.0. “This vulnerability is remotely exploitable without authentication,” Oracle said in an…
GeekGuyBlog
Oracle’s Fusion Middleware Critical RCE Vulnerability Prompts Urgent Patching
Oracle’s urgent patch addresses a critical RCE vulnerability in Fusion Middleware, highlighting serious security risks for exposed services.
Global Security News
Oracle pushes emergency fix for critical Identity Manager RCE flaw
Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992. […]
AI, Global Security News, Network Security, privacy
Java 26 ships with new cryptography API and HTTP/3 support
Oracle released JDK 26, the 17th consecutive feature release delivered under the six-month cadence the project adopted in 2018. The release includes ten JDK Enhancement Proposals spanning language changes, garbage collection improvements, cryptographic tooling, and network protocol support. PEM encoding API targets cryptographic integration JEP 524 introduces a second preview of a PEM encoding API…
AI, APAC, Global Security News
Oracle Faces Layoffs Amid Costly AI Push
Oracle is apparently preparing to cut thousands of jobs as the company ramps up spending on AI. Or, more specifically, the infrastructure needed to support AI workloads. The layoffs could begin as soon as this month and would affect multiple divisions, according to reports. The move comes as Oracle pours billions into building data centers…
AI, Apps, Data Breaches, Exploits, Global Security News
Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked
Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York…
Global Security News
Tech, Media & Telecom Roundup: Market Talk
Find insight on Oracle, the selloff in software stocks and more in the latest Market Talks covering Technology, Media and Telecom.
Global Security News
Tech, Media & Telecom Roundup: Market Talk
Find insight on Oracle, the selloff in software stocks and more in the latest Market Talks covering Technology, Media and Telecom.