apache - Secure Bulletin

Fri. May 23rd, 2025

Sophisticated npm malware campaign exploits Cross-Ecosystem typosquatting

3 May 2025

A coordinated malware operation targeting npm employs cross-ecosystem typosquatting to mimic popular libraries from Python, Java, C++, and .NET ecosystems.…

Vulnerability

Apache Tomcat vulnerability (CVE-2024-38286)

24 September 2024

A severe vulnerability has emerged in Apache Tomcat, a widely used Java application server. Identified as CVE-2024-38286, this flaw poses…

Vulnerability

Urgent security update: vulnerabilities addressed in Apache Linkis

6 August 2024

Apache Linkis, a vital middleware for connecting applications to various data processing engines, has recently patched two significant security vulnerabilities…