Arabian Post

Tomcat patch cycle exposes a deeper risk

Apache Tomcat users are being urged to move quickly after the Apache Software Foundation disclosed a set of security flaws that could let attackers undermine encrypted traffic protections, slip past ...
Bleeping Computer

Brute-force attacks target Apache Tomcat management panels

A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. Tomcat is a popular open-source web server widely used by ...
TechRepublic

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? Your email has been sent Apache Tomcat is under attack as cybercriminals actively exploit a recently disclosed ...
theregister

'Dead simple' hijacking hole in Apache Tomcat 'now actively exploited in the wild'

The vulnerability is CVE-2025-24813, and was revealed on March 10 along with updates to close the hole in the open source web server software. According to API security shop Wallarm, an exploit for ...
CSOonline

Tomcat PUT to active abuse as Apache deals with critical RCE flaw

Apache Software’s open-source web container for handling Java-based web applications, Tomcat, is under active attacks through a critical RCE flaw the company disclosed last week. According to API ...
CSOonline

China’s Volt Typhoon exploits Versa zero-day to hack US ISPs and IT firms

The Chinese APT group leveraged the vulnerability to deploy a web shell that stole credentials from Versa Director SD-WAN deployments of ISPs, MSPs, and IT companies. State-sponsored Chinese hackers ...
InfoQ

Java News Roundup: New OpenJDK JEPs, Payara Platform, Spring and Tomcat Updates, WildFly 28

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...