apache Archives • Daily CyberSecurity

Ghost Folders: “Directory Shadowing” Hack Hijacks WordPress SEO WordPress Directory Shadowing SEO Spam Malware

Ghost Folders: “Directory Shadowing” Hack Hijacks WordPress SEO

Do Son February 5, 2026

A new and stealthy malware campaign is targeting WordPress sites, turning trusted pages into billboards for online...

Log4j’s Security Blind Spot: New TLS Flaw Lets Attackers Intercept Sensitive Logs Despite Encryption CVE-2022-23307 Log4j TLS Bypass, Socket Appender Vulnerability

Log4j’s Security Blind Spot: New TLS Flaw Lets Attackers Intercept Sensitive Logs Despite Encryption

Do Son December 19, 2025

The Apache Software Foundation has released a security update for its widely used Log4j logging library, addressing...

Critical Plesk Flaw (CVE-2025-66430) Risks Full Server Takeover via LPE and Apache Config Injection Plesk privilege escalation flaw CVE-2026-44962 patch Plesk LPE, Root Command Execution

Plesk privilege escalation flaw CVE-2026-44962 patch Plesk LPE, Root Command Execution

Critical Plesk Flaw (CVE-2025-66430) Risks Full Server Takeover via LPE and Apache Config Injection

Do Son December 15, 2025

A critical security vulnerability has been discovered in Plesk, a leading web hosting and data center automation...

Apache HTTP Server 2.4.64 Released: Patches 8 Vulnerabilities, Including HTTP Splitting, SSRF & DoS CVE-2024-38472 Apache HTTP Server, Security Patches

Apache HTTP Server 2.4.64 Released: Patches 8 Vulnerabilities, Including HTTP Splitting, SSRF & DoS

Do Son July 11, 2025

The Apache Software Foundation has issued a new release—Apache HTTP Server version 2.4.64—patching eight security vulnerabilities that...

ModSecurity DoS Flaw: PoC Available for Apache Vulnerability (No Workaround, Patch Pending) libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

libmodsecurity3 Denial of Service WAF Security Vulnerability CVE-2025-27110 ModSecurity vulnerability, JSON DoS

ModSecurity DoS Flaw: PoC Available for Apache Vulnerability (No Workaround, Patch Pending)

Do Son May 23, 2025

A newly disclosed vulnerability in ModSecurity’s Apache module, tracked as CVE-2025-47947, exposes web servers to a potentially...

Apache mod_auth_openidc Vulnerability Exposes Protected Content mod_auth_openidc, Apache security

Apache mod_auth_openidc Vulnerability Exposes Protected Content

Do Son April 9, 2025

In a recently published security advisory, OpenIDC has revealed a vulnerability in mod_auth_openidc, the widely used OpenID...

Apache OpenMeetings Users Urged to Patch Critical Flaw – CVE-2024-54676 (CVSS 9.8)

Do Son January 8, 2025

A critical security vulnerability (CVE-2024-54676, CVSS 9.8) has been discovered in Apache OpenMeetings, a popular open-source platform...

CVE-2024-45720: Code Execution Flaw Discovered in Apache Subversion for Windows Apache Subversion - CVE-2024-45720

CVE-2024-45720: Code Execution Flaw Discovered in Apache Subversion for Windows

Do Son October 9, 2024

A critical security vulnerability, CVE-2024-45720 (CVSS 8.2), has been identified in Apache Subversion (SVN), a popular version...

CVE-2024-47561: Critical Flaw in Apache Avro Java SDK Allows Arbitrary Code Execution Apache Avro - CVE-2024-47561

CVE-2024-47561: Critical Flaw in Apache Avro Java SDK Allows Arbitrary Code Execution

Do Son October 3, 2024

A critical security vulnerability (CVE-2024-47561) has been discovered in the Apache Avro Java SDK, potentially allowing attackers...

Critical Security Advisory for Apache CloudStack: CVE-2024-38346 and CVE-2024-39864 CVE-2024-38346 & CVE-2024-39864

Critical Security Advisory for Apache CloudStack: CVE-2024-38346 and CVE-2024-39864

Do Son July 8, 2024

The Apache Software Foundation has issued an urgent security advisory, disclosing two critical vulnerabilities (CVE-2024-38346 and CVE-2024-39864)...

CVE-2024-27348: Apache HugeGraph RCE Vulnerability, PoC Exploit Published CVE-2024-27348 exploit

CVE-2024-27348: Apache HugeGraph RCE Vulnerability, PoC Exploit Published

Do Son June 4, 2024

The Apache Software Foundation has issued a critical security advisory warning users of a remote code execution...

CVE-2024-23944: Critical Apache ZooKeeper Flaw Exposes Sensitive Data, Patch Immediately

Do Son March 14, 2024

Apache ZooKeeper, a widely used coordination service for distributed applications, has a critical security vulnerability, tracked as...

CVE-2024-23452: Apache bRPC HTTP Request Smuggling Vulnerability

Do Son February 8, 2024

Apache bRPC is an Industrial-grade RPC framework using C++ Language, which is often used in high-performance system...

The Triple Threat Found in Apache Superset CVE-2023-49734

The Triple Threat Found in Apache Superset

Do Son December 19, 2023

Apache Superset, a cutting-edge business intelligence web application, has recently been under the cybersecurity spotlight due to...

APACHE PROTECTION WITH MODSECURITY apache

APACHE PROTECTION WITH MODSECURITY

Do Son July 8, 2017

There are so many ways to protect Web-server. On this post, I’m going to guide how to use ModSecurity WAF to...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

apache

Ghost Folders: “Directory Shadowing” Hack Hijacks WordPress SEO

Log4j’s Security Blind Spot: New TLS Flaw Lets Attackers Intercept Sensitive Logs Despite Encryption

Critical Plesk Flaw (CVE-2025-66430) Risks Full Server Takeover via LPE and Apache Config Injection

Apache HTTP Server 2.4.64 Released: Patches 8 Vulnerabilities, Including HTTP Splitting, SSRF & DoS

ModSecurity DoS Flaw: PoC Available for Apache Vulnerability (No Workaround, Patch Pending)

Apache mod_auth_openidc Vulnerability Exposes Protected Content

Apache OpenMeetings Users Urged to Patch Critical Flaw – CVE-2024-54676 (CVSS 9.8)

CVE-2024-45720: Code Execution Flaw Discovered in Apache Subversion for Windows

CVE-2024-47561: Critical Flaw in Apache Avro Java SDK Allows Arbitrary Code Execution

Critical Security Advisory for Apache CloudStack: CVE-2024-38346 and CVE-2024-39864

CVE-2024-27348: Apache HugeGraph RCE Vulnerability, PoC Exploit Published

CVE-2024-23944: Critical Apache ZooKeeper Flaw Exposes Sensitive Data, Patch Immediately

CVE-2024-23452: Apache bRPC HTTP Request Smuggling Vulnerability

The Triple Threat Found in Apache Superset

APACHE PROTECTION WITH MODSECURITY