Hackers abuse Oracle WebLogic Server Vulnerability CVE-2019-2725 to deliver Monero Miner. The vulnerability is easily exploitable, any unauthenticated attacker with HTTP access to the server can attack without authentication. Trend Micro observed a new cryptocurrency-mining activity involving the vulnerability and to hide the malicious code they used certificate files. Last month another campaign leveraged the vulnerability to download Sodinokibi ransomware and to encrypt the customers systems. It is recommended to patch the vulnerability.”]
Source: https://gbhackers.com/oracle-weblogic-server-vulnerability-2/