Security News


One PUT request, one poisoned session file, and the server’s yours: A trivial flaw in Apache Tomcat that allows remote code execution and access to sensitive files is said to be under attack in the...

A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public...

A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. [...]

The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under...

Apache has released a security update that addresses an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. [...]

Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come...

A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept exploit making an appearance on GitHub. The Apache Tomcat open-source web server supports various Java-based technologies (servlets and JSP) and exposes an Apache JServ Protocol (AJP) connector, which is where the vulnerability resides.

Hackers have started scanning the web in search of Apache Tomcat servers affected by a recently disclosed vulnerability tracked as CVE-2020-1938 and dubbed Ghostcat. Bad Packets told SecurityWeek on Wednesday that the scanning activity they have detected is designed to enumerate vulnerable servers by checking for the path "/WEB-INF/web.
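The two items above share a theme: the PUT-based flaw (CVE-2025-24813) only matters where Tomcat's DefaultServlet has been switched out of its default read-only mode, and Ghostcat (CVE-2020-1938) is reachable only where the AJP connector listens on a non-loopback address. The following audit script is an added example, not code from any of the cited articles or from the Apache Tomcat project. It assumes only documented Tomcat configuration: the DefaultServlet `readonly` init-param in conf/web.xml (default `true`) and the `address`, `secret` and `secretRequired` attributes of an AJP `<Connector>` in conf/server.xml. The XML fragments embedded below are constructed for illustration, one weak and one hardened, and are not taken from a real host.

```python
"""Audit Tomcat conf/server.xml and conf/web.xml for two weak settings:
a writable DefaultServlet (readonly=false, so HTTP PUT can create files)
and an AJP connector that is reachable off-box or has no shared secret.
Added example; the XML samples are constructed, not from a real server."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed weak configuration: AJP bound to all interfaces, no secret,
# and the default servlet explicitly made writable.
SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
  </Service>
</Server>"""

WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>"""

# Constructed hardened configuration: AJP on loopback with a secret
# (placeholder value), and readonly left at its default of true.
HARDENED_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="replace-with-a-long-random-value"/>
  </Service>
</Server>"""

HARDENED_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>true</param-value></init-param>
  </servlet>
</web-app>"""

LOOPBACK = {"127.0.0.1", "::1", "localhost"}
DEFAULT_SERVLET = "org.apache.catalina.servlets.DefaultServlet"


@dataclass(frozen=True)
class Finding:
    setting: str  # short machine-readable identifier
    detail: str   # human-readable explanation


def _local(tag: str) -> str:
    """Strip an XML namespace prefix: '{uri}servlet' -> 'servlet'."""
    return tag.rsplit("}", 1)[-1]


def audit_ajp(server_xml: str) -> list[Finding]:
    """Flag AJP connectors bound to non-loopback addresses or lacking a secret.
    An absent 'address' attribute means Tomcat binds to all interfaces."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if not conn.get("protocol", "").upper().startswith("AJP"):
            continue
        port = conn.get("port", "?")
        addr = conn.get("address", "")
        if addr not in LOOPBACK:
            findings.append(Finding("ajp-exposed",
                f"AJP connector on port {port} binds to {addr or 'all interfaces'}"))
        if not conn.get("secret"):
            findings.append(Finding("ajp-no-secret",
                f"AJP connector on port {port} has no shared secret configured"))
    return findings


def audit_default_servlet(web_xml: str) -> list[Finding]:
    """Flag a DefaultServlet whose readonly init-param is false (PUT/DELETE enabled)."""
    findings = []
    for servlet in ET.fromstring(web_xml).iter():
        if _local(servlet.tag) != "servlet":
            continue
        cls = next((c.text or "" for c in servlet if _local(c.tag) == "servlet-class"), "")
        if cls.strip() != DEFAULT_SERVLET:
            continue
        params = {}
        for p in (c for c in servlet if _local(c.tag) == "init-param"):
            name = next((x.text or "" for x in p if _local(x.tag) == "param-name"), "")
            value = next((x.text or "" for x in p if _local(x.tag) == "param-value"), "")
            params[name.strip()] = value.strip()
        if params.get("readonly", "true").lower() == "false":  # Tomcat default is true
            findings.append(Finding("default-servlet-writable",
                "DefaultServlet readonly=false: HTTP PUT can create or overwrite files"))
    return findings


def run_audit(server_xml: str, web_xml: str) -> list[Finding]:
    return audit_ajp(server_xml) + audit_default_servlet(web_xml)


if __name__ == "__main__":
    for label, sx, wx in (("weak", SERVER_XML, WEB_XML),
                          ("hardened", HARDENED_SERVER_XML, HARDENED_WEB_XML)):
        print(f"[{label}]")
        for f in run_audit(sx, wx) or [Finding("ok", "no weak settings found")]:
            print(f"  {f.setting}: {f.detail}")
```

The script is a configuration check, not a vulnerability scanner: a writable DefaultServlet is one of several preconditions the ASF advisory lists for CVE-2025-24813, and an AJP connector on loopback with a secret is the mitigation the project shipped for Ghostcat; patching remains the actual fix in both cases.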