TechRepublic

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? Your email has been sent Apache Tomcat is under attack as cybercriminals actively exploit a recently disclosed ...
ZDNet

Apache applies security patch

The Apache Software Foundation released on Wednesday an updated version of its market-leading Web server software, primarily to patch previously undisclosed security holes. The group, which ...
SecurityWeek

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

Organizations are warned that a recently patched vulnerability affecting Apache ActiveMQ Classic is being exploited in the ...
Bleeping Computer

Apache fixes actively exploited zero-day vulnerability, patch now

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...
ZDNet

Apache's new security update for HTTP Server fixes two flaws

The Apache Software Foundation has released an update to address a critical flaw in its hugely popular web server that allows remote attackers to take control of a vulnerable system. The first Apache ...
Bleeping Computer

Undisclosed Apache Velocity XSS vulnerability impacts GOV sites

An undisclosed Cross-Site Scripting (XSS) vulnerability in Apache Velocity Tools can be exploited by unauthenticated attackers to target government sites, including NASA and NOAA. Although 90 days ...
The Hacker News

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

CVE-2026-34197 exploited in Apache ActiveMQ; CISA KEV listing sets April 30, 2026 patch deadline, increasing enterprise RCE ...
Rochester Institute of Technology

Apache Log4j Mitigation

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.
Computerworld

Opinion: Web server security: Is IIS or Apache more secure

Continuing the theme from my previous column on the relative security of Internet Information Services (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. If you remember ...
SD Times

Apache Software Foundation takes an in-depth look at its state of security in 2020

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Dark Reading

Apache Commons Vulnerability: Patch but Don't Panic

Researchers who have analyzed the recently disclosed vulnerability in Apache Commons Text — referred to by some as Text4Shell — described it this week as serious but unlikely to be as disruptive as ...
CNET

Apache security "leak" noted with .DS_Store files

Christopher Graham sent us the following note, posted to the Apache Webserver Weekly mailings: "Mac OS X users should be aware of a potential problem as the Finder creates files .DS_Store in viewed ...