Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend. As cyber threat ...

Security outfit Wallarm spotted a PoC in the wild The method abuses a deserialization flaw in Apache Tomcat It allows attackers to fully take over vulnerable endpoints A deserialization vulnerability ...

Developers in search of a Java application server have no shortage of options to consider. But before any enterprise selects and ultimately adopts a Java application server for development and ...

Some older versions of Apache Tomcat, the company’s open source web server and servlet container, are vulnerable to remote code execution. Some older versions of the open source Apache Tomcat web ...

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...

Apache Tomcat servers released in the last 13 years are vulnerable to a bug named Ghostcat that can allow hackers to take over unpatched systems. Discovered by Chinese cybersecurity firm Chaitin Tech, ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...

Recently, I was asked to reorganize some of our Web applications to improve their stability. The major push was to get each of our applications running in its own instance of Tomcat. These ...

The Apache Software Foundation for open source projects is readying an upgrade to its Tomcat Java servlet container, eyeing improvements in areas such as scalability and security, Apache personnel ...