Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. Since a single ...

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...

The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating. Apache Software has quickly issued a fix for a zero-day security bug ...

Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. Apache HTTP Server ...

Security researchers have found new backdoor malware targeting Apache web servers, which is designed to expose website visitors to exploit kits like the notorious Blackhole. Researchers at security ...

The Apache HTTP Server version 2.4.49 has a blistering vulnerability, and it’s already being leveraged in attacks. CVE-2021-41773 is a simple path traversal flaw, where the %2e encoding is used to ...

Apache Server hole, unpatched until last week, shows importance of vulnerability testing for all software, not just code your developers write The Apache Software Foundation rolled out a patch last ...

This week, the Apache Software Foundation has patched a severe vulnerability in the Apache (httpd) web server project that could --under certain circumstances-- allow rogue server scripts to execute ...

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? Your email has been sent Apache Tomcat is under attack as cybercriminals actively exploit a recently disclosed ...