The exploit toolkit is currently based entirely on two Java vulnerabilities that have been patched by Oracle, said Dancho Danchev, a security blogger and cyberthreat analyst at the Broomfield, ...