Hackers have started scanning the Internet, searching for Oracle WebLogic servers after Oracle published its quarterly Critical Patch Update (CPU) security advisory. The April 2018 CPU contained a patch for CVE-2018-2628, a vulnerability in the WLS core component of the Web Logic, a Java EE application server. The flaw was discovered and reported by Liao Xinxi of NSFOCUS Security Team and an independent security researcher named loopx99. A user named Brianwrf created and released proof-of-concept (PoC) code on GitHub that could exploit this flaw.
Source: https://www.bleepingcomputer.com/news/security/hackers-scan-the-web-for-vulnerable-weblogic-servers-after-oracle-botches-patch/