I think this is a "trend effect" which is also the drive under everything about fashion (in the "clothing" sense). Please allow the local Frenchman to talk about fashion.

Fashion is a deeply self-contradictory social behaviour. People who follow fashions seek both:

to gain acceptance in a given local group by displaying adherence to perceived agreed upon codes (e.g. the arbitrary choices of cloth shapes and textures and colours);

to gain visibility within the same group by displaying a bold (implicitly: bolder than other group members) will to embody the most up-to-date or even future social codes for that group.

In effect, the fashion-victim must be both a leader and a follower. If the context were electronics, we would say that we observe a circuit with positive feedback, which must necessarily exhibit sharp transitions between locally stable configurations. An extra effect is that, in clothing fashion, the only universal effect is fast depreciation: no fashion may ever remain active for more than a few months. In short words, fashion is fast-pace, and when it tilts one way ever so slightly, everybody rushes in that direction. This explains the way fashions come and go with violent abruptness.

Hackers are the geek version of fashion victims. Their interest and efforts are always driven by what seems to be "hot subjects". People who spend their days and nights on keyboards are often very sensitive to social exclusion (since they get little society on average) so they abhor the idea of concentrating on an "has been" technology which would deprive them of the last shreds of peer recognition that they may hope for. Therefore, when a topic seems to promise glory, they all run towards it. "Glory" can here be equated with "slashdottable".

In the specific case of security and Java, the trigger may well have been, indeed, the acquisition of Sun by Oracle. Oracle is a known "bad guy" so there always is some fame in finding security holes in Oracle's products (computer people have always had a soft spot for nihilism). Moreover, the security model of Java (the applet model) looks ripe with potential vulnerabilities: in the Java applet model, the "security perimeter", which is the boundary between the hostile world (the applet code itself) and the protected world (the host system) goes through the standard library API: hundreds of system classes must check and enforce the complex system of permissions. The attack surface is huge. There MUST be holes now and then. Sun's people were quite good at what they did, but making the applet model safe would take divine development powers.

As soon as a few bugs were found and publicized, the idea of unclaimed reputation riches went through the collective hackers' minds like a fire in the savannah, and they all rushed. Such is the power of Bonanza. Once brains are ablaze with the promise of wealth (in this case, Twitter followers or Slashdot scores), there is no stopping them.

It will end soon, though. "Java bugs are soooo 2013 !"