New DripDropper Malware Exploits Linux Flaw Then Patches It Lock Rivals Out
A new report from Red Canary reveals a clever Linux malware called DripDropper that exploits a flaw and…
Apache
Apache Tomcat Coyote Flaw Allows Attackers to Launch DoS Attacks
The Apache Software Foundation has revealed a vulnerability in the Tomcat Coyote module, specifically within the Maven artifact org.apache.tomcat:tomcat-coyote, that could enable malicious actors to orchestrate denial-of-service (DoS) attacks. This fla…
Apache Tomcat and Camel Vulnerabilities Actively Targeted in Cyberattacks
The Apache Foundation disclosed several critical vulnerabilities affecting two of its widely used software platforms, Apache Tomcat and Apache Camel, sparking immediate concern among cybersecurity experts and organizations worldwide. Apache Tomcat, a p…
Hackers Launch Coordinated Attack on Apache Tomcat Manager from 400 Unique IPs
Cybersecurity researchers at GreyNoise Intelligence have identified a significant coordinated attack campaign targeting Apache Tomcat Manager interfaces across the globe. On June 5, 2025, the company’s threat detection systems registered activity…
Apache Tomcat CGI Servlet Flaw Enables Security Constraint Bypass
A newly disclosed vulnerability, CVE-2025-46701, has been identified in Apache Tomcat’s CGI servlet, allowing attackers to bypass security constraints under specific conditions. The flaw, announced on May 29, 2025, is rooted in the improper handling of…
Apache Tomcat RCE Vulnerability Exposed with PoC Released
A critical security vulnerability, tracked as CVE-2025-24813, has been discovered in Apache Tomcat, a widely used open-source Java servlet container and web server. This flaw, stemming from improper handling of file paths, particularly those containing…
CVE-2025-24813: Remote Code Execution in Apache Tomcat via Malicious Session Deserialization
CVE-2025-24813: Remote Code Execution in Apache Tomcat via Malicious Session Deserialization Apache Tomcat is a popular, open-source web server and servlet container maintained by the Apache Software Foundation. It provides a reliable and scalable environment for executing Java Servlets and serving web pages built using Java Server Pages (JSP). Frequently deployed in both development and […]
The post CVE-2025-24813: Remote Code Execution in Apache Tomcat via Malicious Session Deserialization appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.
Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials
A newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH credentials. Researchers from Aqua Nautilus revealed that these attacks, which weaponized botnets within 30 hour…
Hack The Box: Alert Machine Walkthrough – Easy Difficulty
We discovered an XSS vulnerability in .md file uploads and the Contacts tab. By embedding an XSS payload and sharing the link, we extracted data from messages.php, revealing a file parameter vulnerable to LFI. This led us to /var/www/statistics.alert.htb/.htpasswd, which contained a hashed password. Using hashid, we identified it as MD5 (APR1-MD5) and cracked it with Hashcat, retrieving the password ManchesterUnited. With these credentials, we accessed the system and captured the user flag.
After logging into statistics.alert.htb, we found port 8080 open. Using SSH port forwarding, we accessed a monitoring site but needed to locate its directory. Checking ps aux, we found it in /opt/website-monitor. We confirmed file access by testing a basic PHP file, which worked. We then uploaded a PentestMonkey reverse shell, but it didn’t execute. To ensure success, we crafted a reliable PHP shell, triggered it, and gained root access.
🔍 #CyberSecurity #BugBounty #EthicalHacking #PenTesting #CTF #HTB #WebSecurity #XSS #LFI #PrivilegeEscalation #Hacking
The post Hack The Box: Alert Machine Walkthrough – Easy Difficulty appeared first on Threatninja.net.
Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk?
By simply sending HTTP requests, attackers can trigger the deserialisation of malicious data in Tomcat’s session storage and gain control.