The Hacker News

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

CVE-2026-34197 exploited in Apache ActiveMQ; CISA KEV listing sets April 30, 2026 patch deadline, increasing enterprise RCE ...

CISA flags Apache ActiveMQ flaw as actively exploited in attacks

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this ...

13-year-old bug in ActiveMQ lets hackers remotely execute commands

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone ...
Threat Post

Cross-Site Scripting Flaw in Apache ActiveMQ Threatens Web Visitors

With the malicious code embedded into websites, the attacker can then piggyback on the trust level of the website and launch a variety of attacks. Researchers have found a cross-site scripting (XSS) ...
Dark Reading

Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware

More than 3,000 Internet-accessible Apache ActiveMQ Servers are exposed to a critical remote code execution vulnerability that an attacker has begun actively targeting to drop ransomware. The Apache ...
Dark Reading

Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto

The attackers behind the Kinsing malware are the latest to exploit the Apache ActiveMQ critical remote code execution (RCE) vulnerability, targeting the flaw to infect vulnerable Linux systems with a ...