Ongoing scans for Apache Tomcat servers unpatched against the Ghostcat vulnerability that allows potential attackers to take over servers have been detected over the weekend. As cyber threat ...

Some older versions of Apache Tomcat, the company’s open source web server and servlet container, are vulnerable to remote code execution. Some older versions of the open source Apache Tomcat web ...

A coordinated campaign of brute-force attacks using hundreds of unique IP addresses targets Apache Tomcat Manager interfaces exposed online. A critical remote code execution (RCE) vulnerability in ...

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...

Security outfit Wallarm spotted a PoC in the wild The method abuses a deserialization flaw in Apache Tomcat It allows attackers to fully take over vulnerable endpoints A deserialization vulnerability ...

Apache Tomcat servers released in the last 13 years are vulnerable to a bug named Ghostcat that can allow hackers to take over unpatched systems. Discovered by Chinese cybersecurity firm Chaitin Tech, ...

Recently, I was asked to reorganize some of our Web applications to improve their stability. The major push was to get each of our applications running in its own instance of Tomcat. These ...