📢⚠️ Years-old vulnerable Apache Struts 2 versions were downloaded 387K times in one week, despite a high-severity CVE-2025-68493 flaw - Patch to 6.1.1 now! Read: hackread.com/years-old-vulne… #Cybersecurity #ApacheStruts #Vulnerability #InfoSec #DevSecOps

Warning: #XXE vulnerability in the XWork component of #ApacheStruts (versions 2.0.0 - 6.1.0). #CVE-2025-68493 (CVSS 8.1 High). Attackers can exploit this to read sensitive files or perform #SSRF. Time to patch! #Patch #Patch #Patch

ApacheポイとかApacheもういらねー派閥による開発とか ApacheWicketとか ApacheStrutsとか色んな派閥あるね💦

🚩 251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch thehackernews.com/2025/05/25… On May 8, 2025, cybersecurity researchers observed a coordinated cloud-based scanning activity involving 251 malicious IP addresses hosted by Amazon and geolocated to Japan. These IPs targeted 75 distinct exposure points, exploiting known CVEs and probing for misconfigurations across various technologies, including Adobe ColdFusion, Apache Struts, and Elasticsearch. Organizations should promptly review their systems for potential vulnerabilities, apply necessary patches, and monitor for unusual activities to mitigate risks associated with such exploit scans. #CyberSecurity #CloudSecurity #ExploitScan #ColdFusion #ApacheStruts #Elasticsearch

Rooted Strutted on HTB! 🎉 This box showcases CVE-2024-53677—a great deep dive into practical exploit techniques. Read my walkthrough here: buff.ly/40tjuS1 Keep hacking, keep learning. 🛡️💻 #HackTheBox #CVE202453677 #CTF #Cybersecurity #InfoSec #ApacheStruts #Hacker

💥 𝗖𝗩𝗘-𝟮𝟬𝟮𝟰-𝟱𝟯𝟲𝟳𝟳 – Des pirates tentent d’exploiter une nouvelle 𝗳𝗮𝗶𝗹𝗹𝗲 𝗰𝗿𝗶𝘁𝗶𝗾𝘂𝗲 présente dans 𝗔𝗽𝗮𝗰𝗵𝗲 𝗦𝘁𝗿𝘂𝘁𝘀 ! 📄 Plus d'infos : it-connect.fr/cve-2024-53677… #cybersecurite #ApacheStruts #Java #developpeur it-connect.fr/cve-2024-53677…

رشتو: آسیب پذیری با شناسه CVE-2024-53677 در Apache Struts گزارش شده که امکان RCE رو به مهاجم میده. امتیاز 9.5 و شدت بحرانی داره. چارچوب #ApacheStruts یک چارچوب نرم‌افزاری متن‌ باز و محبوب برای توسعه برنامه‌های وب با استفاده از زبان برنامه‌نویسی جاوا هستش. #آپاچی #جاوا

🚨 Live Stream 🚀 Latest Cyber News 🎙️ @Cisco Data Leaked Online, @Meta Fined $263M for #GDPR Violation, #ApacheStruts Flaw Exploited, Pre-#Ransomware Alerts Double #cybernews #cybersecurity #infosecnews #ciso #ransomware #databreach #cyberattack x.com/i/broadcasts/1YpKklQwW…

Joyeux Noël 🎅🏻// Merry Christmas 🎄 PATCHEZ - PATCHEZ - PATCHEZ Un moment approprié pour les malfaisants de s'enprendre à ces failles en pleine périodes des fêtes. En provenance de l'article de @BleepinComputer ici-bas mentionné: "Une vulnérabilité critique d'#ApacheStruts2, récemment corrigée et répertoriée sous le nom de CVE-2024-53677, est activement #exploitée à l'aide d'exploits de démonstration de concept publics afin de trouver des dispositifs vulnérables. #ApacheStruts est un cadre de travail de source ouverte permettant de créer des applications web basées sur #Java et utilisées par diverses organisations, notamment des agences gouvernementales, des plateformes de commerce électronique, des institutions financières et des compagnies aériennes. @TheASF a révélé publiquement la faille Struts CVE-2024-53677 (score CVSS 4.0 : 9.5, « critique ») il y a six jours, indiquant qu'il s'agit d'un bogue dans la logique de téléchargement de fichiers du logiciel, permettant des traversées de chemin et le téléchargement de fichiers malveillants qui pourraient conduire à l'exécution de code à distance. Il concerne Struts 2.0.0 à 2.3.37 (fin de vie), 2.5.0 à 2.5.33, et 6.0.0 à 6.3.0.2." 20241217 - New critical Apache Struts flaw exploited to find vulnerable servers bleepingcomputer.com/news/se… 20241217 - Apache security bulletin - S2-067 - cwiki.apache.org/confluence/… 20241212 - Proof of Concept - github.com/TAM-K592/CVE-2024… 20241216 - @centrecyber_ca - Alerte - CVE-2024-53677 – #Vulnérabilité touchant #ApacheStruts2 cyber.gc.ca/fr/alertes-avis/… #infosec #cybersecurity #secinfo #cybersecurite #cyberwar #cyberwarfare #OPSEC @infosecsw #criticalinfrastructure #infrastructureessentielle #patchmanagement #gestioncorrectifs #DQP #ASAP

「Apache Struts」に深刻な脆弱性 - リモートよりコード実行のおそれ #脆弱性 #ApacheStruts #サイバー攻撃 #リモートコード実行 #ウェブアプリケーション #セキュリティパッチ #情報セキュリティ security-next.com/165232

🚨 Critical Security Alert 🚨 Developers using Apache Struts must act NOW! A severe flaw (CVE-2024-53677, CVSS 9.5) enables remote code execution via file upload vulnerabilities in versions 2.0.0–2.5.33 & 6.0.0–6.3.0.2. ✅ Fix it: Upgrade to version 6.4.0 and migrate to the new Action File Upload mechanism. This update is NOT backward compatible. ⚠️ Delays in patching leave systems at risk of compromise or complete server takeover. Prioritize this update to safeguard your infrastructure! #CyberSecurity #ApacheStruts #CVE2024_53677 #DevSecOps securityonline.info/cve-2024…

CVE-2024-53677 (CVSS 9.5): Critical Vulnerability in Apache Struts Allows Remote Code Execution Urgent security update for #ApacheStruts users: Critical vulnerability allows remote code execution. Update now to protect your systems securityonline.info/cve-2024…

🚨 بررسی آسیب‌پذیری بحرانی CVE-2023-50164 در Apache Struts 🛡️ این آسیب‌پذیری امکان RCE رو فراهم می‌کنه که می‌تونه به مهاجمان اجازه بده کنترل سرور رو به دست بگیرن! 😱 جزئیات بیشتر و روش‌های پیشگیری تو کانال 👇 🔗 t.me/GOTOCVE/140 #ApacheStruts #GOTOCVE

The popularity of the #ApacheStruts framework results in a major concern across organizations for any related #vulnerability. blog.qualys.com/product-tech…

Apache Strutsが世界中でサイバー攻撃に悪用されている、各国当局が警告 #MynaviNews (Dec 18) #ApacheStruts #サイバー攻撃 #脆弱性 #CVE202350164 #サイバーセキュリティ #Malwarebytes #ACSC #CERTFR #AkamaiTechnologies news.mynavi.jp/techplus/arti…

1/5 #Apache has recently released an advisory for CVE-2023-50164, a critical vulnerability tied to the way #ApacheStruts handles file uploads. We dissected what this could mean for Apache Struts users and present our solutions. Find out more here: research.trendmicro.com/3RJK…

#Dontmiss #Hotstuff #News #Akamai #ApacheStruts Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164) helpnetsecurity.com/2023/12/…

🚨 CVE Alert: Critical Remote Code Execution Vulnerability in Apache Struts CVSS 9.8/10)🚨 CVE-2023-50164(CVSS 9.8/10) - Critical Remote Code Execution Vulnerability in Apache Struts Impact: could allow an attacker to manipulate file upload parameters to enable path traversal. This could allow the attacker to upload a malicious file that could be used to perform remote code execution. Affected version: Apache Struts version 2.0.0 through 2.3.37 (EOL) Apache Struts version 2.5.0 through 2.5.32 Apache Struts version 6.0.0 through 6.3.32 Fix Version: Apache Struts 2.5.33 or Struts 6.3.0.2 or greater --------------------------------------------------------------------------------------- 🚀Join us on our mission to secure the digital world and make cyber defense affordable to everyone! 🌐 Follow "CyberXTron Technologies" for the timely, relevant and actionable cyber threat insights. #ApacheStruts #RCE #CVEExploit #Cyberattacks #CyberSecurity 🛡️🔒

#Dontmiss #Hotstuff #News #ApacheStruts #securityupdate New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164) helpnetsecurity.com/2023/12/…

Apache Tiles greatly simplifies web component reuse in your application, especially when paired with Struts support, boosting your confidence in future Struts and Tiles integration... Read more in @lukaszlenart's blog #apachestruts #apachetiles #java softwaremill.com/how-apache-…