Threat Post

Patch Released for Critical Apache Struts Bug

The Apache Software Foundation released a patch on Tuesday for a critical vulnerability impacting all versions of Struts since 2008. The Apache Software Foundation has patched a critical remote code ...
Bleeping Computer

Ransomware Gang Made Over $100,000 by Exploiting Apache Struts Zero-Day

For more than a month, at least ten groups of attackers have been compromising systems running applications built with Apache Struts and installing backdoors, DDoS bots, cryptocurrency miners, or ...
Threat Post

PoC Exploit Targeting Apache Struts Surfaces on GitHub

Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2. Proof-of-concept exploit code surfaced on GitHub on Friday, ...