A recently patched Java vulnerability is already being exploited by cybercriminals in mass attacks. The vulnerability, identified as CVE-2013-2423, was one of the 42 security issues fixed in Java 7 Update 21. An exploit for the vulnerability was integrated into a high-end Web attack toolkit known as Cool Exploit Kit. The attacks started on April 21 and are still active as of Tuesday, Finnish antivirus vendor F-Secure said. Users should only agree to run Java applets from websites that they trust.”]