Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend. As cyber threat ...

Developers in search of a Java application server have no shortage of options to consider. But before any enterprise selects and ultimately adopts a Java application server for development and ...

Some older versions of Apache Tomcat, the company’s open source web server and servlet container, are vulnerable to remote code execution. Some older versions of the open source Apache Tomcat web ...

Researchers from GreyNoise on Thursday reported active exploitation of CVE-2025-24813, a critical remote code execution vulnerability in Apache Tomcat web server software. The path equivalency flaw, ...

A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. A critical remote code execution (RCE) vulnerability in ...

Recently, I was asked to reorganize some of our Web applications to improve their stability. The major push was to get each of our applications running in its own instance of Tomcat. These ...

Apache Tomcat 7.0, the latest version of the popular open source Java Web server, is available Tuesday from the Apache Software Foundation. The upgrade constitutes the first major release of the ...

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...

Security outfit Wallarm spotted a PoC in the wild The method abuses a deserialization flaw in Apache Tomcat It allows attackers to fully take over vulnerable endpoints A deserialization vulnerability ...