Apache Struts, RCEs, and the Equifax Breach Anniversary

Apache Struts, RCEs, and the Equifax Breach Anniversary

We just passed the one-year anniversary of Equifax’s announcement of their massive data breach due to an exploit of an Apache Struts vulnerability (CVE-2017-5638) – and incidentally, at nearly the same time ...
automation

Cisco Products Receive Patches for Critical Struts Vulnerability

Cisco Systems has released patches for some of its products that use the Apache Struts web development framework and are affected by a recently announced critical vulnerability. The flaw, tracked as CVE-2018-11776, ...
Security Boulevard
Npm Update Crashes Linux Systems

Someone Dropped a Windows Zero-Day Exploit on GitHub

A previously unknown vulnerability that allows attackers to obtain SYSTEM privileges on Windows computers has been publicly disclosed. Someone with the username SandboxEscaper posted a link to a proof-of-concept exploit on Twitter ...
Security Boulevard