The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The ...

Continuing the theme from my previous column on the relative security of Internet Information Service (IIS) vs. Apache, I’ve come across more studies to support my initial conclusion. Since a single ...

The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating. Apache Software has quickly issued a fix for a zero-day security bug ...

Bork!Bork!Bork! Bork can happen to the best of us, but flashing one's undercarriage at the boss of a compliance company is ...

Security researchers have found new backdoor malware targeting Apache web servers, which is designed to expose website visitors to exploit kits like the notorious Blackhole. Researchers at security ...

Apache Server hole, unpatched until last week, shows importance of vulnerability testing for all software, not just code your developers write The Apache Software Foundation rolled out a patch last ...

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? Your email has been sent Apache Tomcat is under attack as cybercriminals actively exploit a recently disclosed ...

QNAP has asked customers to apply mitigation measures to block attempts to exploit Apache HTTP Server security vulnerabilities impacting their network-attached storage (NAS) devices. The flaws ...

This week, the Apache Software Foundation has patched a severe vulnerability in the Apache (httpd) web server project that could --under certain circumstances-- allow rogue server scripts to execute ...