Bleeping Computer

Apache fixes actively exploited zero-day vulnerability, patch now

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...
heise online

Google's vulnerability scanner checks container layers and Maven projects

Google has released the second version of its vulnerability scanner for open-source projects, which now performs in-depth analyses in complex projects and containers. It also supports Java projects ...
CSOonline

Lesson from Apache flaw: Test everything

Apache Server hole, unpatched until last week, shows importance of vulnerability testing for all software, not just code your developers write The Apache Software Foundation rolled out a patch last ...