Pulse of Truth

794 readers

46 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago

MODERATORS

krogoth@infosec.pub

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure (thehackernews.com)

submitted 17 hours ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

1 comments fedilink hide all child comments

A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions -

Apache Tomcat 11.0.0-M1 to 11.0.2 Apache Tomcat 10.1.0-M1 to 10.1.34 Apache Tomcat 9.0.0-M1 to 9.0.98

It concerns a

you are viewing a single comment's thread
view the rest of the comments

[–] drkt_@lemmy.dbzer0.com 1 points 15 hours ago

I wonder if that has anything to do with the Tomcat test pages that have been showing up on my honeypot.