Oracle Plans to Drop Java Serialization Support, the Source of Most Security Bugs

6 years ago
Anonymous $CLwNLde341

https://www.bleepingcomputer.com/news/security/oracle-plans-to-drop-java-serialization-support-the-source-of-most-security-bugs/

Oracle plans to drop support for data serialization/deserialization from the main body of the Java language, according to Mark Reinhold, chief architect of the Java platform group at Oracle.

Serialization is the process of taking a data object and converting it into a stream of bytes (binary format) so that it can be transported across a network or saved inside a database, then deserialized later and used in its original form.
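The round trip described above, as an added example that is not part of the original article: an object is written to a byte stream and read back, with the reader restricted to the one class it expects. The class names are constructed for illustration, and the `ObjectInputFilter` allow-list (Java 9 and later) is a mitigation chosen for this example, not something the article mentions.

```java
import java.io.*;

public class SerializationRoundTrip {
    // Constructed sample type the receiver expects.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        final String owner;
        final long balance;
        Account(String owner, long balance) { this.owner = owner; this.balance = balance; }
    }

    // Constructed type the receiver does NOT expect.
    static class Unexpected implements Serializable {
        private static final long serialVersionUID = 1L;
    }

    // Object -> bytes: this is what travels over the network or into a database.
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    // Bytes -> object: the stream itself names the classes to instantiate,
    // so the reader allow-lists Account and rejects everything else.
    static Object deserialize(byte[] data) throws IOException, ClassNotFoundException {
        ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(
                "maxdepth=5;SerializationRoundTrip$Account;!*");
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(filter); // must be set before the first read
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] wire = serialize(new Account("alice", 100));
        // Java serialization streams start with the magic bytes AC ED.
        System.out.printf("%d bytes, header %02X %02X%n", wire.length, wire[0], wire[1]);
        Account copy = (Account) deserialize(wire);
        System.out.println("restored: " + copy.owner + " / " + copy.balance);
        try {
            deserialize(serialize(new Unexpected()));
        } catch (InvalidClassException e) {
            System.out.println("rejected by filter: " + e.getMessage());
        }
    }
}
```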