This can be exploited to execute arbitrary code when a user visits a malicious web site using a Java-enabled browser e.g. Safari or Firefox." ...

The Department of Homeland Security says despite some fixes to Java, it continues to recommend users disable the program in their Web browsers, because it remains vulnerable to attacks that could ...

WebAssembly JVM promises to run ‘very large’ unmodified Java applications in modern browsers without plugins or a Java installation.

A recent Java 7 update allows users to completely prevent Java applications from running inside browsers or to restrict how Web-based Java content is handled by the Java Runtime Environment client.

Oracle's new customer warnings are aimed at users of Java Web browser plug-ins, educating users about risks associated with older versions of Java and with uncertified Web-based apps.

Oracle fixed on Tuesday 127 security issues in Java, its database and other products, patching some flaws that could let attackers take over systems.