Security News

CVE-2018-11776 — The Latest Apache Struts Vulnerability
2018-09-04 10:49

A Critical security flaw (CVE-2018-11776) impacts Apache Struts 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and possibly unsupported versions of the popular Java framework.

Oracle Products Affected by Exploited Apache Struts Flaw
2018-09-04 10:22

Oracle informed customers over the weekend that some of the company’s products are affected by a critical Apache Struts 2 vulnerability that has been exploited in the wild. read more

Hackers latch onto new Apache Struts megavuln to mine cryptocurrency
2018-08-30 15:05

Underground forums alight with Struts chat, we hear A recently uncovered critical vulnerability in Apache Struts is already being exploited in the wild.…

Critical Apache Struts Vulnerability Exploited in Live Attacks
2018-08-28 14:07

A Critical remote code execution vulnerability in Apache Struts 2 that was patched last week is already being abused in malicious attacks, threat intelligence firm Volexity warns. read more

PoC exploit for critical Apache Struts flaw found online
2018-08-27 15:26

The Apache Software Foundation revealed last week the existence of a critical Apache Struts flaw (CVE-2018-11776) similar to the one exploited in the Equifax breach and urged organizations and...

Week in review: DNS interception, critical Apache Struts flaw, cybersecurity career pathing
2018-08-26 19:21

Here’s an overview of some of last week’s most interesting news and articles: The importance of career pathing in the cybersecurity industry A major issue facing our industry right now is a...

PoC Code Surfaces to Exploit Apache Struts 2 Vulnerability
2018-08-24 22:07

Researchers find proof-of-concept code that can take advantage of the recently identified Apache Struts framework (CVE-2018-11776) vulnerability.

Experts Urge Rapid Patching of ‘Struts’ Bug
2018-08-23 20:22

In September 2017, Equifax disclosed that a failure to patch one of its Internet servers against a pervasive software flaw -- in a Web component known as Apache Struts -- led to a breach that...

Apache Struts 2 Flaw Uncovered: ‘More Critical Than Equifax Bug’
2018-08-23 16:46

Apache has patched a critical remote code-execution vulnerability in Struts 2, and users should update immediately.