The Hacker News

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

BRICKSTORM was first documented by the tech giant last year in connection with the zero-day exploitation of Ivanti Connect ...

Google warns China-linked spies lurking in 'numerous' enterprises

Unknown intruders – likely China-linked spies – have broken into "numerous" enterprise networks since March and deployed ...
GitHub

CVE-2025-31650 (High) detected in tomcat-embed-core-10.1.20.jar

Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the ...
GitHub

CVE-2025-48988 (High) detected in tomcat-embed-core-10.1.20.jar

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 ...
Imperial College London

Using Personal Tomcat in DoC

For several years, we attempted to build and maintain shared Tomcat servers, which many users could use to develop JSP and servlet webapps in parallel. However, they were always unreliable, and we ...