Dark Reading

Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...
Bleeping Computer

Exploit for CrushFTP RCE chain released, patch now

A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated attackers to access files on the server, ...