Trend Micro researchers observed a recent attack from the 8220 Gang exploiting the Oracle WebLogic vulnerability CVE-2017-3506 (CVSS score of 7.4) captured by one of their honeypots.