Dark Reading

Microsoft SharePoint Vuln Is Under Active Exploit

A high-severity flaw in Microsoft SharePoint, tracked as CVE-2024-38094, is under active exploit. The bug is a deserialization vulnerability, which is often used as attack vectors by malicious cyber ...
HHS

New Hacking Group Exploits Vulnerabilities in Web Apps

A newly discovered threat group dubbed Praying Mantis is targeting businesses in the U.S by exploiting vulnerabilities in internet-facing web applications to steal credentials and other data, the ...

Contrast Security Announces Runtime ADR Integration with Google Security Operations

Contrast Security today announced a new integration between Contrast Application Detection and Response (ADR) and Google ...
Bleeping Computer

Apache Parquet exploit tool detect servers vulnerable to critical flaw

A proof-of-concept exploit tool has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The tool was ...
Dark Reading

Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...
CSOonline

Tomcat PUT to active abuse as Apache deals with critical RCE flaw

Apache Software’s open-source web container for handling Java-based web applications, Tomcat, is under active attacks through a critical RCE flaw the company disclosed last week. According to API ...