Security News

A Critical security flaw (CVE-2018-11776) impacts Apache Struts 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and possibly unsupported versions of the popular Java framework.

Oracle informed customers over the weekend that some of the company’s products are affected by a critical Apache Struts 2 vulnerability that has been exploited in the wild. read more

Underground forums alight with Struts chat, we hear A recently uncovered critical vulnerability in Apache Struts is already being exploited in the wild.…

A Critical remote code execution vulnerability in Apache Struts 2 that was patched last week is already being abused in malicious attacks, threat intelligence firm Volexity warns. read more

The Apache Software Foundation revealed last week the existence of a critical Apache Struts flaw (CVE-2018-11776) similar to the one exploited in the Equifax breach and urged organizations and...

Exploit code for a read more

Here’s an overview of some of last week’s most interesting news and articles: The importance of career pathing in the cybersecurity industry A major issue facing our industry right now is a...

Researchers find proof-of-concept code that can take advantage of the recently identified Apache Struts framework (CVE-2018-11776) vulnerability.

In September 2017, Equifax disclosed that a failure to patch one of its Internet servers against a pervasive software flaw -- in a Web component known as Apache Struts -- led to a breach that...

Apache has patched a critical remote code-execution vulnerability in Struts 2, and users should update immediately.