Malicious activity exploiting the Oracle WebLogic critical deserialization vulnerability (CVE-2019-2725) is surging. The bug is a remote code execution bug that is remotely exploitable without authentication. The vulnerability was disclosed on April 26, 2019 though exploitation for what was then a zero-day had already begun. Attackers have already distributed a new variant of the Muhstik botnet, which is used to launch distributed-denial-of-service attacks and cryptojacking attacks.
Source: https://threatpost.com/oracle-weblogic-exploit-gandcrab-xmrig/144419/