Apache StreamPipes Flaw Lets Anyone Become Admin

Sometimes a breach doesn’t kick down the front door. It just changes the name on the badge.
heise online

Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of malicious code. In the “Apache Commons Text” library, developers have ...
Jalopnik

Should You Replace Struts When You Replace Shocks?

Many auto repair shops and mechanics recommend replacing a car's struts and shocks at the same time. There is some sound reasoning behind that approach as both components can affect a car's handling, ...
CSOonline

Apache Tika hit by critical vulnerability thought to be patched months ago

A security flaw in the widely-used Apache Tika XML document extraction utility, originally made public last summer, is wider in scope and more serious than first thought, the project’s maintainers ...
GitHub

Apache Struts CVE-2017-5638 module fails to detect vulnerability on Struts 2.5.10 instance

The apache_struts_vuln module in Nettacker 0.4.0 fails to detect the Apache Struts CVE-2017-5638 Remote Code Execution vulnerability on a known vulnerable Struts 2.5. ...
American Songwriter

The Struts Team Up with Their “Hero,” Queen’s Brian May, for a New Version of Their Popular Rock Anthem “Could Have Been Me”

Prior to the release of the reimagined version of “Could Have Been Me,” Struts frontman Luke Spiller issued a statement explaining that he was “absolutely ecstatic” about the collaboration with his ...
Business Insider

75% of dating apps are unsafe, new study find

The Business Digital Index (BDI) team analyzed the 24 largest dating platforms to assess how well they secure their digital infrastructure. Unfortunately, 75% of major dating apps received a grade of ...
Cloud Security Alliance

Risk-Based vs. Compliance-Based Security: Why One Size Doesn’t Fit All

Compliance frameworks establish essential security baselines. The challenge: They often fall short of addressing the nuanced and ever-changing nature of cyber risks. This underscores the necessity of ...
Business Wire

GrammaTech VP Dr. Paul Anderson to Present at embedded world 2021 DIGITAL

BETHESDA, Md.--(BUSINESS WIRE)--GrammaTech, a leading provider of application security testing products and software research services, today announced that its VP of Engineering Dr. Paul Anderson ...
Fast Company

Leading the charge: The ESG imperative in safeguarding critical infrastructure

The rise in cybersecurity attacks targeting critical infrastructure has become an urgent national security concern, impacting business operations and community safety. A recent SP Global report ...
Forbes

Critical 10/10 Microsoft Cloud Security Vulnerability Confirmed

Update, May 11, 2025: This story, originally published May 9, has been updated with more details on the move towards greater cloud Common Vulnerabilities and Exposures (CVE) transparency by both ...
Forbes

587 Windows Vulnerabilities — A Microsoft Security Record Breaker

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. When you see any headline alerting you to a security ...