The Hacker News

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

Critical XXE flaw CVE-2025-66516 affects multiple Apache Tika modules, exposing systems and requiring urgent updates.
ZDNet

New update addresses two serious Apache flaws

The Apache Software Foundation has released a new revision (version 2.0.46) of its popular Web server software, mostly to correct two newly disclosed security holes. One problem, similar to the one ...
ZDNet

Apache bug prompts update advice

Discovered by the company's security consultant Brett Gervasoni, the vulnerability exists in Apache's core "mod_isapi" module. By exploiting the module, an attacker could remotely gain system ...
InfoWorld

Update: Apache Geronimo readied as Java app server

LAS VEGAS — Geronimo, the open source Java application server in development by the Apache Software Foundation, will provide a malleable technology base amenable to applications such as regulatory ...