Developers behind the Apache HTTP Server Project are urging users to apply a fix immediately to resolve a zero-day vulnerability. According to a security advisory dated October 5, the bug is known to ...

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...

Don’t freak: It’s got nothing to do with Log4Shell, except it may be just as far-reaching as Log4j, given HTTPD’s tendency to tiptoe into software projects. Don’t duck at the latest mention of Apache: ...

How many times have you set up a web server with Apache 2 only to find out that when you attempt to view a page with a .php extension, the page either attempts to save onto the local drive or it ...

A privilege escalation vulnerability of important severity in the Apache HTTP server allowing users with the right to write and run scripts to gain root on Unix systems was fixed in Apache httpd ...

How to improve Apache server security by limiting the information it reveals Your email has been sent Out of the box, your Apache servers are announcing more information than you probably wish. Jack ...

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers. The SANS Internet Storm Center issued an alert Thursday, ...

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers. Apache Struts is an open-source web development ...

Security researchers published a proof-of-concept exploit for a recently disclosed vulnerability that allows attackers to launch denial-of-service attacks against websites hosted on Apache Tomcat ...

The Apache HTTP Server, the Internet’s most widely used Web server, just fixed a serious vulnerability that makes it possible for untrusted users or software to gain unfettered control of the machine ...