Hackers are actively exploiting a recently-patched zero-day vulnerability in Oracle WebLogic server to install ransomware, with no end-user interaction required (Dan Goodin/Ars Technica)

Dan Goodin / Ars Technica:
Hackers are actively exploiting a recently-patched zero-day vulnerability in Oracle WebLogic server to install ransomware, with no end-user interaction required  —  High-severity hole in Oracle WebLogic under active exploit for 9 days.  Patch now.  —  Attackers have been actively exploiting …

from Techmeme http://bit.ly/2vyhSbn