Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters

Image: cynoclub/Envato Elements Apache Tomcat is under attack as cybercriminals actively exploit a recently disclosed vulnerability, enabling remote code execution (RCE). With simple HTTP requests, attackers can trigger the deserialisation of malicious data and gain control over affected systems. The vulnerability, CVE-2025-24813, was disclosed by Apache on March 10, with the first proof of concept being released on GitHub about 30 hours later, posted by user iSee857. Soon after, security firm Wallarm later saw that…

Read More

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

The number of Microsoft vulnerabilities has mostly flattened in 2023, with elevation of privilege and identity attacks being particularly common, according to BeyondTrust’s annual Microsoft Vulnerabilities report. Identity and access management solutions company BeyondTrust studied the most significant CVEs of 2023 and Microsoft vulnerability data from Microsoft’s monthly Patch Tuesday bulletins. The report includes vulnerability trends and tips about how to reduce identity attacks. Microsoft reported 1,228 vulnerabilities in 2023 The total number of Microsoft…

Read More