Collecting Cyber-News from over 60 sources

Tag: apache

Apache Syncope Flaw Lets Attackers Access Internal Database Content

Nov 25, 2025 1:51 PM

Tags: access, apache, credentials, cyber, encryption, flaw, password, vulnerability

A security vulnerability has been identified in Apache Syncope that could allow attackers to decrypt stored passwords if they gain access to the internal database. The flaw stems from the use of a hardcoded default AES encryption key, which undermines the password protection mechanism designed to keep sensitive user credentials secure. The vulnerability affects multiple…
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998

Nov 25, 2025 1:51 PM

Tags: apache, cve, flaw, identity, open-source, password, risk

A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-syncope-cve-2025-65998-flaw/
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998

Nov 25, 2025 1:51 PM

Tags: apache, cve, flaw, identity, open-source, password, risk

A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-syncope-cve-2025-65998-flaw/
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998

Nov 25, 2025 1:51 PM

Tags: apache, cve, flaw, identity, open-source, password, risk

A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-syncope-cve-2025-65998-flaw/
Angeblich interne Daten gestohlen – Akira droht mit Daten-Leak von Apache OpenOffice

Nov 20, 2025 7:49 AM

Tags: apache, leak

First seen on security-insider.de Jump to article: www.security-insider.de/moeglicher-hackerangriff-auf-apache-openoffice-a-d89a3af87b8e8d85469442b3c653ade0/
Angeblich interne Daten gestohlen – Akira droht mit Daten-Leak von Apache OpenOffice

Nov 20, 2025 7:49 AM

Tags: apache, leak

First seen on security-insider.de Jump to article: www.security-insider.de/moeglicher-hackerangriff-auf-apache-openoffice-a-d89a3af87b8e8d85469442b3c653ade0/
Apache OpenOffice disputes data breach claims by ransomware gang

Nov 4, 2025 11:19 PM

Tags: apache, attack, breach, corporate, data, data-breach, ransomware, software, threat

The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apache-openoffice-disputes-data-breach-claims-by-ransomware-gang/
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
Modern supply-chain attacks and their real-world impact

Nov 4, 2025 9:19 AM

Tags: access, ai, apache, attack, authentication, backdoor, breach, china, control, credentials, crowdstrike, crypto, cybersecurity, data, defense, email, espionage, exploit, github, group, infection, infosec, injection, intelligence, korea, lazarus, LLM, malicious, malware, marketplace, mfa, microsoft, network, north-korea, open-source, password, phishing, pypi, qr, risk, social-engineering, software, supply-chain, tactics, theft, threat, tool, worm, zero-day

This is what modern software supply-chain attacks look like. Since the industry-shaking SolarWinds compromise of 2020, the threat landscape has changed dramatically. Early high-profile incidents targeted build servers or tampered software updates. Today’s attackers prefer a softer entry point: the humans maintaining open-source projects.In the last two years, the majority of large-scale supply-chain intrusions have…
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data

Nov 1, 2025 12:19 PM

Tags: apache, breach, corporate, cyber, dark-web, data, group, leak, ransom, ransomware

The notorious Akira ransomware gang announced on October 29, 2025, that it successfully penetrated the systems of Apache OpenOffice, claiming to have exfiltrated a staggering 23 gigabytes of sensitive corporate data. The group posted details on its dark web leak site, threatening to release the stolen information unless a ransom demand is met. This incident…
Akira Ransomware Claims It Stole 23GB from Apache OpenOffice

Oct 31, 2025 12:19 AM

Tags: apache, breach, data, finance, group, ransomware

The Akira ransomware group claims to have stolen 23GB of data from Apache OpenOffice, including employee and financial records, though the breach remains unverified. First seen on hackread.com Jump to article: hackread.com/akira-ransomware-stole-apache-openoffice-data/
Apache Tomcat Path Traversal Vulnerability (CVE-2025-55752) Notice

Oct 29, 2025 11:26 AM

Tags: apache, cve, cyber, flaw, network, vulnerability

Overview Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the Apache Tomcat path traversal vulnerability (CVE-2025-55752); This vulnerability is a flaw introduced when fixing CVE-2016-5388. Since the rewritten URL is normalized before URL decoding, if the system is configured with rewrite rules to rewrite query parameters into the URL, an authenticated…The…
Apache Tomcat Path Traversal Vulnerability (CVE-2025-55752) Notice

Oct 29, 2025 11:26 AM

Tags: apache, cve, cyber, flaw, network, vulnerability

Overview Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the Apache Tomcat path traversal vulnerability (CVE-2025-55752); This vulnerability is a flaw introduced when fixing CVE-2016-5388. Since the rewritten URL is normalized before URL decoding, if the system is configured with rewrite rules to rewrite query parameters into the URL, an authenticated…The…
Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11

Oct 29, 2025 9:26 AM

Tags: apache, flaw, software, vulnerability

The Apache Software Foundation has disclosed two new security vulnerabilities affecting multiple versions of Apache Tomcat, warning system administrators to take immediate action. The flaws, identified as CVE-2025-55752 and CVE-2025-55754, were officially announced on October 27, 2025, and impact Tomcat versions 9, 10, and 11. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-tomcat-cve-2025-55752/
Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11

Oct 29, 2025 9:26 AM

Tags: apache, flaw, software, vulnerability

The Apache Software Foundation has disclosed two new security vulnerabilities affecting multiple versions of Apache Tomcat, warning system administrators to take immediate action. The flaws, identified as CVE-2025-55752 and CVE-2025-55754, were officially announced on October 27, 2025, and impact Tomcat versions 9, 10, and 11. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-tomcat-cve-2025-55752/
Apache Tomcat Flaws Allow Remote Code Execution on Vulnerable Servers

Oct 28, 2025 7:26 AM

Tags: apache, cve, cvss, cyber, flaw, remote-code-execution, risk, software, vulnerability

The Apache Software Foundation has disclosed two security vulnerabilities affecting multiple versions of Apache Tomcat, with one flaw posing a serious risk of remote code execution on vulnerable servers. The flaws impact Apache Tomcat versions 9, 10, and 11, prompting urgent warnings for administrators to upgrade their installations immediately. CVE ID Vulnerability Severity CVSS Score…
Apache Tomcat Flaws Allow Remote Code Execution on Vulnerable Servers

Oct 28, 2025 7:26 AM

Tags: apache, cve, cvss, cyber, flaw, remote-code-execution, risk, software, vulnerability

The Apache Software Foundation has disclosed two security vulnerabilities affecting multiple versions of Apache Tomcat, with one flaw posing a serious risk of remote code execution on vulnerable servers. The flaws impact Apache Tomcat versions 9, 10, and 11, prompting urgent warnings for administrators to upgrade their installations immediately. CVE ID Vulnerability Severity CVSS Score…
Apache Syncope Groovy Flaw Allows Remote Code Injection

Oct 21, 2025 2:26 PM

Tags: apache, attack, cve, cyber, flaw, injection, malicious, vulnerability

Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential system compromise through malicious Groovy code injection.”‹ Vulnerability Details and Attack Mechanism The vulnerability exists…
Apache Syncope Groovy Flaw Allows Remote Code Injection

Oct 21, 2025 2:26 PM

Tags: apache, attack, cve, cyber, flaw, injection, malicious, vulnerability

Apache Syncope, has disclosed a critical security vulnerability that allows authenticated administrators to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025-57738, impacts all Apache Syncope versions 3.x before 3.0.14 and 4.x before 4.0.2, exposing organisations to potential system compromise through malicious Groovy code injection.”‹ Vulnerability Details and Attack Mechanism The vulnerability exists…
Critical Apache ActiveMQ Flaw Lets Attackers Run Code Remotely

Oct 16, 2025 10:07 PM

Tags: apache, flaw

A flaw in Apache ActiveMQ’s .NET client lets attackers run code remotely, risking full system compromise for unpatched users. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/apache-activemq-vulnerability/
Critical Apache ActiveMQ Let Attackers Execute Arbitrary Code

Oct 16, 2025 1:07 PM

Tags: apache, cve, cyber, exploit, flaw, malicious, risk, vulnerability

An important security flaw in Apache ActiveMQ’s .NET client library has put developers at risk of remote code execution. The vulnerability, tracked as CVE-2025-54539, exists in the Apache ActiveMQ NMS AMQP Client and can be triggered when the client connects to a malicious AMQP server. Attackers can exploit this flaw to run arbitrary code on…
Critical Apache ActiveMQ Let Attackers Execute Arbitrary Code

Oct 16, 2025 1:07 PM

Tags: apache, cve, cyber, exploit, flaw, malicious, risk, vulnerability

An important security flaw in Apache ActiveMQ’s .NET client library has put developers at risk of remote code execution. The vulnerability, tracked as CVE-2025-54539, exists in the Apache ActiveMQ NMS AMQP Client and can be triggered when the client connects to a malicious AMQP server. Attackers can exploit this flaw to run arbitrary code on…
Apache Airflow Vulnerability Lets Read-Only Users Access Sensitive Data

Sep 26, 2025 3:08 PM

Tags: access, apache, api, cve, cyber, data, unauthorized, vulnerability

Apache Airflow maintainers have disclosed a serious security issue, tracked as CVE-2025-54831, that allows users holding only read permissions to view sensitive connection details via both the Airflow API and web interface. The vulnerability, present in Airflow version 3.0.3, undermines the platform’s intended “write-only” treatment of secrets in Connections and could lead to unauthorized exposure…
CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware

Sep 19, 2025 12:15 PM

Tags: apache, cisa, cve, cyber, endpoint, hacker, ivanti, malicious, malware, mobile, threat, vulnerability

Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities”, CVE-2025-4427 and CVE-2025-4428″, to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2 (web-install.jar, WebAndroidAppInstaller.class), both designed to inject arbitrary code and maintain persistence on Apache…
Apache Jackrabbit Vulnerability Exposes Systems to Remote Code Execution Attacks

Sep 8, 2025 10:08 AM

Tags: apache, attack, cyber, flaw, remote-code-execution, vulnerability

A new security flaw has been discovered in Apache Jackrabbit, a widely used content repository system, potentially exposing thousands of applications to remote code execution (RCE) risks. The vulnerability, tracked asCVE-2025-58782, affects both Apache Jackrabbit Core and Apache Jackrabbit JCR Commons, with severity rated asimportant. The issue arises fromdeserialization of untrusted datawithin JNDI-based repository lookups.…
Apache DolphinScheduler Vulnerability Patched, Update Immediately

Sep 3, 2025 2:22 PM

Tags: apache, cve, cyber, open-source, update, vulnerability

A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under CWE-276: Incorrect Default Permissions, this vulnerability affects all DolphinScheduler versions prior to 3.2.2. Users are strongly advised to upgrade to version 3.3.1 as soon as possible to mitigate potential risks. Apache DolphinScheduler is an open-source,…
Apache DolphinScheduler Vulnerability Patched, Update Immediately

Sep 3, 2025 2:22 PM

Tags: apache, cve, cyber, open-source, update, vulnerability

A low-severity security issue in Apache DolphinScheduler has been addressed in the latest release. Identified as CVE-2024-43166 and classified under CWE-276: Incorrect Default Permissions, this vulnerability affects all DolphinScheduler versions prior to 3.2.2. Users are strongly advised to upgrade to version 3.3.1 as soon as possible to mitigate potential risks. Apache DolphinScheduler is an open-source,…
Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

Aug 21, 2025 6:54 PM

Tags: apache, cloud, cve, detection, exploit, flaw, hacker, linux, update, vulnerability

Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit…
Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

Aug 21, 2025 6:54 PM

Tags: apache, cloud, cve, detection, exploit, flaw, hacker, linux, update, vulnerability

Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit…