java Archives • Daily CyberSecurity

Apache Thrift Issues Massive Patch for Critical Cross-Language Flaws Apache Thrift Vulnerabilities Cross-Language Service Security Apache Thrift Security RPC Vulnerability

Apache Thrift Vulnerabilities Cross-Language Service Security Apache Thrift Security RPC Vulnerability

Apache Thrift Issues Massive Patch for Critical Cross-Language Flaws

Do Son April 28, 2026

Apache Thrift, the powerhouse framework used by tech giants to bridge communication between different programming languages, has...

Apache Camel Under Fire: Multiple RCE Flaws Expose Critical Integration Infrastructure Apache Camel RCE Header Injection

Apache Camel Under Fire: Multiple RCE Flaws Expose Critical Integration Infrastructure

Do Son April 28, 2026

Apache Camel, the ubiquitous open-source integration framework used to connect disparate data systems, is facing a significant...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Holiday ColdFusion Attacks Reveal Massive 2.5 Million Request Onslaught

Do Son December 29, 2025

What started as a seemingly targeted holiday raid on Adobe ColdFusion servers has unraveled into a sprawling,...

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork lz4-java Out-of-bounds Read, Library EOL

lz4-java Out-of-bounds Read, Library EOL

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork

Do Son December 3, 2025

A high-severity vulnerability, tracked as CVE‐2025‐12183, has been disclosed in the popular lz4-java compression library, exposing applications...

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities Memory-Safe Languages, Software Security

CISA, FBI, NSA Urge Software Industry: Adopt Memory-Safe Languages to Drastically Cut Vulnerabilities

Do Son June 26, 2025

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the FBI, NSA, and key international cybersecurity partners, has...

Apache Tomcat Patches 4 Flaws: DoS, Privilege Bypass, & Installer Risks Addressed Apache Tomcat Vulnerabilities

Apache Tomcat Patches 4 Flaws: DoS, Privilege Bypass, & Installer Risks Addressed

Do Son June 17, 2025

The Apache Software Foundation has disclosed four security vulnerabilities affecting multiple versions of Apache Tomcat, the widely...

Flaw in PostgreSQL JDBC Driver (CVE-2025-49146) Exposes Database Connections to MITM Attacks! PostgreSQL JDBC, MITM Vulnerability

Flaw in PostgreSQL JDBC Driver (CVE-2025-49146) Exposes Database Connections to MITM Attacks!

Do Son June 13, 2025

A recently disclosed vulnerability in the PostgreSQL JDBC Driver (PgJDBC) could allow attackers to intercept database connections...

CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks Spring Framework, RFD Vulnerability

CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks

Do Son June 12, 2025

The Spring project has released a security advisory disclosing a vulnerability in the popular Spring Framework, which...

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems XXE Vulnerability

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems

Do Son June 10, 2025

The GeoTools project, a popular open-source Java library used for geospatial data processing, has issued a critical...

Java Apps at Risk: Apache Commons BeanUtils Flaw Exposes RCE Apache Commons BeanUtils vulnerability CVE-2025-48734

Java Apps at Risk: Apache Commons BeanUtils Flaw Exposes RCE

Do Son May 29, 2025

A newly disclosed vulnerability in Apache Commons BeanUtils has raised serious concerns for Java-based applications relying on...

Spring Framework Flaw Allows Unauthorized Access via Security Bypass CVE-2024-38821 - CVE-2025-22223 and CVE-2025-22228 Spring Framework vulnerability, Spring Security

CVE-2024-38821 - CVE-2025-22223 and CVE-2025-22228 Spring Framework vulnerability, Spring Security

Spring Framework Flaw Allows Unauthorized Access via Security Bypass

Do Son May 20, 2025

Spring Framework developers have issued a security advisory addressing a vulnerability that could lead to unauthorized access...

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581) CVE-2023-25581 - pac4j

Popular Java Security Framework ‘pac4j’ Vulnerable to RCE (CVE-2023-25581)

Do Son October 13, 2024

A new analysis by security researcher Michael Stepankin (@artsploit) of the GitHub Security Lab (GHSL) has uncovered...

Accelerating Memory Safety: DARPA’s TRACTOR Program Transforms C to Rust

Do Son August 4, 2024

DARPA is accelerating the transition to memory-safe programming languages through the TRACTOR program, aimed at automated conversion...

Developer Ecosystem in 2018 Report: Java is the most popular primary programming languages

Do Son June 8, 2018

JetBrains has just released “The State of Developer Ecosystem in 2018” Report, which includes developer preferences for...

Installation & Configuration JDK8 on Ubuntu/Linux Mint Screenshot from 2017-07-25 09-44-56

Installation & Configuration JDK8 on Ubuntu/Linux Mint

Do Son July 26, 2017

Installation & Configuration JDK8 on Ubuntu/Linux Mint Installation JDK8 Run command Check Configure the $JAVA_HOME environment Check...

Critical Alert 1 Active Exploit Detected Today