<ul><li>A deserialization vulnerability on Apache Tomcat servers is being abused in the wild to completely take over affected endpoints.</li><li>The attack is dead simple to execute and requires no authentication, allowing threat actors to gain full remote access to vulnerable servers.</li><li>Most web application firewalls (WAF) miss this attack, making it difficult for organizations to detect and prevent the breach.</li><li>Users are advised to upgrade to the latest versions of Apache Tomcat to fix the security flaw.</li></ul>

A worrying critical security flaw in Apache Tomcat could let hackers take over servers with ease

Discover more