Security News
Hackers are attempting to leverage a recently fixed critical vulnerability in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. Apache Struts is an open-source web application framework designed to streamline the development of Java EE web apps, offering a form-based interface and extensive integration capabilities.
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked...
The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution. The vulnerability affects Apache Struts versions 2.0.0 through 2.5.32 and 6.0.0 through 6.3.0.1, and has been fixed in Apache Struts versions 2.5.33 and 6.3.0.2.
The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program...
How LockBit used Citrix Bleed to breach Boeing and other targetsCVE-2023-4966, aka "Citrix Bleed", has been exploited by LockBit 3.0 affiliates to breach Boeing's parts and distribution business, and "Other trusted third parties have observed similar activity impacting their organization," cybersecurity and law enforcement officials have confirmed on Tuesday. Apache ActiveMQ bug exploited to deliver Kinsing malwareAttackers are exploiting a recently fixed vulnerability in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems.
Attackers are exploiting a recently fixed vulnerability in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services by translating messages exchanged via different protocols.
The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing...
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. Kinsing malware targets Linux systems and its operator is notorious for leveraging known flaws that are often overlooked by system administrators.
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS...
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber ransomware. Both vulnerabilities are critical, allowing threat actors to create unauthorized Confluence administrator accounts and lead to data loss.