Threat Post

Patch Released for Critical Apache Struts Bug

The Apache Software Foundation released a patch on Tuesday for a critical vulnerability impacting all versions of Struts since 2008. The Apache Software Foundation has patched a critical remote code ...
Threat Post

PoC Exploit Targeting Apache Struts Surfaces on GitHub

Researchers have discovered freely available PoC code and exploit that can be used to attack unpatched security holes in Apache Struts 2. Proof-of-concept exploit code surfaced on GitHub on Friday, ...
Bleeping Computer

Ransomware Gang Made Over $100,000 by Exploiting Apache Struts Zero-Day

Apache Struts exploit delivering Cerber ransomware (via F5) From this point on, Cerber took over, encrypted files, and displayed its standard ransom note, leaving victims no choice but pay the ransom ...