InfoWorld

Java zero-day vulnerability actively exploited by attackers

An exploit for a previously unknown and currently unpatched vulnerability in Java is being used by cybercriminals to infect computers with malware, according to security researchers. An independent ...
Dark Reading

Oracle Fixes Zero Day Java Flaws: Patch Now

Oracle released an out-of-band patch Sunday to fix two zero-day vulnerabilities in Java that are being actively exploited by attackers. A security alert from Oracle said that the patched ...
Bleeping Computer

New Spring Java framework zero-day allows remote code execution

A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, allowing unauthenticated remote code execution on applications. Spring is a very ...
CSOonline

Evernote hack forces 50 million to reset passwords, yet another new Java zero-day

Yet another new Java zero-day being exploited in the wild On that note, the malware intelligence lab FireEye warned that there is yet another Java zero-day that is successfully being exploited ...