CVE-2025-66516 is a critical Apache Tika vulnerability can be exploited on all platforms in XXE injection attacks via crafted ...

PLUS: New kind of DDOS from the Americas; Predator still hunting spyware targets; NIST issues IoT advice; And more! Infosec ...

[Update: here's a comment just added to his original blog by Pierre-Marc. As pointed out here it appears that what we call Linux/Chapro.A has already been publicly discussed here by UnmaskParasites.We ...

CVE-2025-54988 is a weakness in the tika-parser-pdf-module used to process PDFs in Apache Tika from version 1.13 to and ...

Critical XXE flaw CVE-2025-66516 affects multiple Apache Tika modules, exposing systems and requiring urgent updates.

More than half of all web servers on the Internet use Apache, so when we discovered a malicious Apache module in the wild last month, being used to inject malicious content into web pages displayed by ...

The Apache Software Foundation's earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting ...

MGI is an Apache 2 module that adds full functionality to every web site on your server using a simple tag structure. MGI includes 67 tags to enhance a web site with everything from simple counters ...

Google is funding a project at the Internet Security Research Group to port a crucial component of the Apache HTTP web server project from the bug-prone C programming language to a safer alternative ...

Recently, we took a look at the Caddy Web server. Today, we're going to back things up a little bit and look at the A from the classic LAMP stack: the Apache Web server. Apache has a bad reputation ...