Tag: apache
-
CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware
Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities”, CVE-2025-4427 and CVE-2025-4428″, to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2 (web-install.jar, WebAndroidAppInstaller.class), both designed to inject arbitrary code and maintain persistence on Apache…
-
Apache Jackrabbit Vulnerability Exposes Systems to Remote Code Execution Attacks
A new security flaw has been discovered in Apache Jackrabbit, a widely used content repository system, potentially exposing thousands of applications to remote code execution (RCE) risks. The vulnerability, tracked asCVE-2025-58782, affects both Apache Jackrabbit Core and Apache Jackrabbit JCR Commons, with severity rated asimportant. The issue arises fromdeserialization of untrusted datawithin JNDI-based repository lookups.…
-
Apache DolphinScheduler Vulnerability Patched, Update Immediately
A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under CWE-276: Incorrect Default Permissions, this vulnerability affects all DolphinScheduler versions prior to 3.2.2. Users are strongly advised to upgrade to version 3.3.1 as soon as possible to mitigate potential risks. Apache DolphinScheduler is an open-source,…
-
Apache DolphinScheduler Vulnerability Patched, Update Immediately
A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under CWE-276: Incorrect Default Permissions, this vulnerability affects all DolphinScheduler versions prior to 3.2.2. Users are strongly advised to upgrade to version 3.3.1 as soon as possible to mitigate potential risks. Apache DolphinScheduler is an open-source,…
-
Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection
Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit…
-
Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection
Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit…
-
Critical Flaw in Apache Tika PDF Parser Exposes Sensitive Data to Attackers
A critical XML External Entity (XXE) vulnerability has been discovered in Apache Tika’s PDF parser module, potentially allowing attackers to access sensitive data and compromise internal systems. The flaw, tracked as CVE-2025-54988, affects a wide range of Apache Tika deployments and has prompted immediate security advisories from the Apache Software Foundation. Field Value CVE ID…
-
Apache ActiveMQ Breach Reveals Unusual Attacker Behavior
Tags: access, apache, breach, cyberattack, exploit, flaw, linux, remote-code-execution, update, vulnerabilitySecurity researchers have confirmed that a recent wave of cyberattacks is exploiting a critical vulnerability in Apache ActiveMQ, allowing attackers to compromise Linux servers and install long-term persistence tools. The attackers are not only gaining access through a known remote code execution flaw but are also patching the vulnerability afterward to cover their tracks. The……
-
Hackers Exploit Apache ActiveMQ Flaw to Breach Cloud Linux Servers
Tags: access, apache, attack, breach, cloud, cyber, cybersecurity, exploit, flaw, hacker, intelligence, linux, threat, update, vulnerabilityCybersecurity researchers have uncovered a sophisticated attack campaign where hackers exploiting a critical Apache ActiveMQ vulnerability are taking the unusual step of patching the security flaw after gaining access to victim systems. The Red Canary Threat Intelligence team observed this counterintuitive behavior across dozens of compromised cloud-based Linux servers, revealing a strategic approach to maintaining…
-
Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in
Intruders hoped no one would notice their presence First seen on theregister.com Jump to article: www.theregister.com/2025/08/19/apache_activemq_patch_malware/
-
Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems
Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper.But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial access to prevent further exploitation by other adversaries and evade detection, Red Canary…
-
‘DripDropper’ Hackers Patch Their Own Exploit
An attacker is breaking into Linux systems via a widely abused 2-year-old vulnerability in Apache ActiveMQ, installing malware and then patching the flaw. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/dripdropper-hackers-patch-own-exploit
-
‘DripDropper’ Hackers Patch Their Own Exploit
An attacker is breaking into Linux systems via a widely abused 2-year-old vulnerability in Apache ActiveMQ, installing malware and then patching the flaw. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/dripdropper-hackers-patch-own-exploit
-
Apache bRPC Vulnerability Lets Attackers Crash Services Remotely via Network
A critical security vulnerability has been discovered in Apache bRPC that allows attackers to remotely crash services through network-based denial of service attacks. The vulnerability, designated as CVE-2025-54472, affects all versions of Apache bRPC prior to 1.14.1 and stems from improper memory allocation handling in the Redis protocol parser component. Vulnerability Details and Impact The…
-
OpenAI Bets on Open Models With GPT-OSS Launch
AI Powerhouse Releases Its First Public Model in 6 Years. OpenAI released its first open-weight reasoning models since GPT-2, unveiling gpt-oss-120b and gpt-oss-20b under the Apache 2.0 license. With performance approaching o-series benchmarks, the models are designed specifically for reasoning tasks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/openai-bets-on-open-models-gpt-oss-launch-a-29136
-
Apache Jena Vulnerability Allows Arbitrary File Access
Critical security vulnerabilities in Apache Jena have been disclosed that enable administrators to access and create files outside designated server directories, potentially compromising system security. Two distinct CVEs were published on July 21, 2025, affecting all versions of Apache Jena through 5.4.0, with administrators urged to upgrade to version 5.5.0 immediately to mitigate these risks.…
-
Trend Micro Worry Free Business 10.0 SP 1 Patch 2518 veröffentlicht
Der Sicherheitsanbieter Trend Micro hat zum 15.7.2025 Trend Micro Worry Free Business (WFBS) 10.0 SP 1 Patch 2518 veröffentlicht. Der Patch enthält diverse Sicherheitsfixes und soll auch verschiedene Bugs beheben. So wird OpenSSL 3.0.15 im Apache-Webserver aktualisiert, um die … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/18/trend-micro-worry-free-business-10-0-sp-1-patch-2518-veroeffentlicht/
-
Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys.The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity path traversal vulnerability in Apache HTTP Server version 2.4.49 that could result in remote code execution.”The attacker leverages First seen on…
-
Kafbat UI Vulnerabilities Allow Arbitrary Code Execution via JMX Services
A critical security vulnerability has been discovered in Kafbat UI, a popular web-based interface for managing Apache Kafka clusters, allowing unauthenticated attackers to execute arbitrary code on affected systems through unsafe deserialization attacks. Critical Vulnerability Details The vulnerability, designated as CVE-2025-49127, affects Kafbat UI version 1.0.0 and stems from the application’s dynamic cluster configuration functionality…
-
Apache Tomcat Coyote Flaw Allows Attackers to Launch DoS Attacks
The Apache Software Foundation has revealed a vulnerability in the Tomcat Coyote module, specifically within the Maven artifact org.apache.tomcat:tomcat-coyote, that could enable malicious actors to orchestrate denial-of-service (DoS) attacks. This flaw stems from an uncontrolled resource consumption issue tied to HTTP/2 protocol handling, potentially allowing attackers to overwhelm server resources by manipulating stream concurrency limits.…
-
Apache Tomcat and Camel Vulnerabilities Actively Targeted in Cyberattacks
The Apache Foundation disclosed several critical vulnerabilities affecting two of its widely used software platforms, Apache Tomcat and Apache Camel, sparking immediate concern among cybersecurity experts and organizations worldwide. Apache Tomcat, a popular platform for running Java-based web applications, was found to have a severe flaw identified as CVE-2025-24813. This vulnerability, impacting versions 9.0.0.M1 to…
-
Apache Seata Flaw Enables Deserialization of Untrusted Data
A newly disclosed vulnerability in Apache Seata, a popular open-source distributed transaction solution, has raised security concerns for organizations relying on affected versions. The flaw, tracked as CVE-2025-32897, enables the deserialization of untrusted data within the Seata server, potentially exposing systems to remote code execution and other security risks. Vulnerability Overview The vulnerability impactsApache Seata (incubating) versions 2.0.0…
-
6 key trends redefining the XDR market
Tags: access, ai, apache, attack, cloud, country, crowdstrike, cybersecurity, data, detection, edr, endpoint, framework, identity, incident response, infrastructure, intelligence, marketplace, microsoft, ml, monitoring, msp, mssp, network, office, open-source, ransomware, service, siem, soc, sophos, threat, toolXDR-as-a-service on the rise: A fully staffed SOC is out of reach for many organizations and that’s why the rise of XDR-as-a-service reflects growing demand for managed, scalable security capabilities.”With stretched teams and expanding attack surfaces, many organizations are turning to trusted providers to deliver round-the-clock detection and response,” says Santiago Pontiroli, lead security researcher…
-
CVE-2025-49763 Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin
Remote attackers can trigger an avalanche of internal ESI requests, exhausting memory and causing denial-of-service in Apache Traffic Server. Executive Summary Imperva’s Offensive Security Team discovered CVE-2025-49763, a high-severity vulnerability (CVSS v3.1 estimated score: 7.5) in Apache Traffic Server’s ESI plugin that enables unauthenticated attackers to exhaust memory and potentially crash proxy nodes. Given ATS’s……
-
CVE-2025-49763: Apache Traffic Server Vulnerability Enables Memory Exhaustion Attacks
A security flaw in Apache Traffic Server (ATS) is targeting cloud service providers worldwide. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-traffic-server-cve-2025-49763/
-
Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks
Tags: apache, attack, authentication, cyber, dos, flaw, open-source, service, software, update, vulnerabilityThe Apache Software Foundation has released critical security updates to address four newly discovered vulnerabilities in Apache Tomcat, one of the world’s most widely used open-source Java servlet containers. These flaws, affecting Tomcat versions 9.0, 10.1, and 11.0, expose systems to denial-of-service (DoS) attacks, privilege escalation, installer abuse, and authentication bypass, prompting urgent calls for…
-
Apache Tomcat Manager subjected to brute-force, login intrusions
First seen on scworld.com Jump to article: www.scworld.com/brief/apache-tomcat-manager-subjected-to-brute-force-login-intrusions