Security News

Updates released on Wednesday for the Apache Struts 2 open source development framework address a critical vulnerability that can be exploited for remote code execution. The flaw, tracked as...

Semmle security researcher Man Yue Mo has disclosed a critical remote code execution vulnerability in the popular Apache Struts web application framework that could allow remote attackers to run...

One year after researchers saw the first attempts to exploit a critical remote code execution flaw affecting the Apache Struts 2 framework, hackers continue to scan the Web for vulnerable servers....

A sophisticated multi-staged Apache Struts cyber attack campaign is abusing NSA-linked exploits to target internal networks, researchers from F5 Networks have discovered. read more

Oracle released fixes for a handful of recently patched Apache Struts 2 vulnerabilities late last week.

Oracle has released patches for many of its products to address several vulnerabilities in the Apache Struts 2 framework, including one that has been exploited in the wild for the past few weeks. read more

Equifax divulged on Wednesday that the culprit behind this summer's breach of 143 million Americans was an Apache Struts vulnerability, CVE-2017-5638, patched back in March.

U.S. credit reporting agency Equifax confirmed on Wednesday that an Apache Struts vulnerability exploited in the wild since March was used to breach its systems. read more

Confirmed: Hackers Behind Mega-Breach Exploited Struts Flaw, Patch Was AvailableEquifax made an error that led to one of the largest and most sensitive data breaches of all time, and the mistake...

The massive Equifax data breach that exposed highly sensitive data of as many as 143 million people was caused by exploiting a flaw in Apache Struts framework, which Apache patched over two months...