Oracle warns a server flaw is being weaponised.
The company disclosed a bug in its database software that a known cybercrime group is actively exploiting. Google says it has warned more than 100 organisations that their servers may be vulnerable. The gang claims the flaw lets them gain remote code execution and move laterally within networks. Oracle urged customers to apply the pending patch immediately.
The incident highlights the risk of unpatched enterprise software. Even well‑funded attackers can leverage a single flaw to compromise many firms at once, forcing IT teams to prioritise patch management. It also shows how quickly a vulnerability can become a headline‑making campaign when a large‑scale botnet is involved.
If you thought enterprise patches were optional, this breach suggests otherwise—security teams may need to treat every update as urgent.