Java is soon to be gone from the browser. There isn't a huge amount of news about it considering the level of impact that it will potentially cause, there needs to be a lot more articles like the following link hitting the media.
There seems to be minimal awareness that Mozilla, Google and even MS are already deprecating various levels of plug in support on their browsers. Focussing on the imminent withdrawal of Oracle's Java plug in, a lot of companies used the browser JVM to web enable parts of their core or legacy systems for customer facing components of their stack.
These are often discrete functions and thus forgotten, it would be better if they just stopped working but what's worse is they will continue to function as normal for the period until users update their browsers to later versions where support has been withdrawn.
However without the Java security patches this continued use will present an easy target for cycber criminals, the immediate victim will be the customer, the potentially larger casualty will be the brand and reputation of the company involved. My fear is that organisations may act to late and then put pressure on clients and users to stay on unsafe tech while they catch up.
This is a useful opportunity for partners to engage with customers and add real value by addressing this really urgent issue.