Researchers find proof-of-concept code that can take advantage of the recently identified Apache Struts framework (CVE-2018-11776) vulnerability.

Oracle released a record 299 patches, including a fix for a Solaris vulnerability disclosed by the ShadowBrokers, and another for the recently disclosed Apache Struts 2 flaw.

Attackers are attempting to exploit the recent Apache Struts vulnerability on Windows servers and the payload is a variant of the Cerber ransomware.