Critical security hole in Apache Struts under exploit
You applied the patch that could stop possible RCE attacks last week, right?
Patches17 Dec 2024 | 4
Apache Software Foundation
Apache issues patches for critical Struts 2 RCE bug
More details released after devs allowed weeks to apply fixes
Patches12 Dec 2024 |
The force is strong in Iceberg: Are the table format wars entering the final chapter?
Interview Former Apple engineer and Apache PMC member Russell Spitzer describes efforts to unite around a single format
Databases03 Oct 2024 | 26
Cassandra redesigns indexing, storage management for 5.0 release
Users warned to get off 3.x releases as support ends
Databases10 Sep 2024 |
OneHouse takes $35M to fight for Hudi in table format wars
After Databricks snaffled Iceberg-linked Tabular, CEO insists there are more than two horses in this race
Databases26 Jun 2024 |
How Apache Spark lit up the tech world and outshone its big data brethren
Interview El Reg queries author Matei Zaharia on a decade of the project
Databases14 Jun 2024 |
NARROWER TOPICS
POC exploit code published for 9.8-rated Apache HugeGraph RCE flaw
You upgraded when this was fixed in April, right? Right??
Security07 Jun 2024 | 2
Three-year-old Apache Flink flaw under active attack
We know IT admins have busy schedules but c'mon
Patches24 May 2024 | 11
Apache OFBiz zero-day pummeled by exploit attempts after disclosure
Issue has been patched so be sure to check your implementations
Cyber-crime08 Jan 2024 |
Four in five Apache Struts 2 downloads are for versions featuring critical flaw
Seriously, people - please check the stuff you fetch more carefully
Patches21 Dec 2023 | 10
Critical Apache ActiveMQ flaw under attack by 'clumsy' ransomware crims
Over a week later and barely any patches for the 10/10 vulnerability have been applied
Cyber-crime02 Nov 2023 | 4
Microsoft extends life support for aging Apache Cassandra 3.11 database
But only if you're ready to cozy up in Azure's abode
Databases10 Oct 2023 |
Mirai botnet loves exploiting your unpatched TP-Link routers, CISA warns
Oracle and Apache holes also on Uncle Sam's list of big bad abused bugs
Patches02 May 2023 | 1
Apache Superset: A story of insecure default keys, thousands of vulnerable systems, few paying attention
Two out of three public-facing app instances open to hijacking
Patches25 Apr 2023 | 18
Native Americans urge Apache Software Foundation to ditch name
Open source org called out for ignoring own code of conduct
Software11 Jan 2023 | 282
Apache Iceberg promises to change the economics of cloud-based data analytics
Feature Adopted by Snowflake, Google and Cloudera, we look at why the Netflix-developed table format is important
Databases03 Jan 2023 | 6
Should open source sniff the geopolitical wind and ban itself in China and Russia?
Opinion Can it even do that? And does FOSS deserve an exemption to sanctions?
Software01 Jan 2023 | 216
Cassandra 4.1 promises dev guardrails and pluggable storage
Apache project focused on stability following previous major upgrade
Databases09 Dec 2022 | 2
Merge requests and insecure GitHub workflows may lead to supply-chain attacks
Starting with Google Firebase and Apache Camel repos
Devops01 Sep 2022 | 8
Cassandra vendor DataStax secures $115m investment for $1.6b valuation
Tech stock crash fails to deter Goldman Sachs as it leads funding round in the real-time data specialist
Databases15 Jun 2022 | 1
Apache says Struts 2 security bug wasn't fully fixed in 2020
But this time the patch should do the trick
Patches13 Apr 2022 | 3
DataStax updates K8ssandra to help Cassandra operate worldwide
Shares multi-cluster lessons from DBaaS in Kubernetes project
Databases08 Mar 2022 |
Open-source IDE NetBeans hits v13 – tweaks for Gradle, Maven
Updated Prepare the IDE of March: Apache emits fragrant burst of beany Java goodness
Software08 Mar 2022 | 15
Open source maintainer threatens to throw in the towel if companies won't ante up
Apache PLC4X creator ends free support, asks for payment for his work
Software13 Jan 2022 | 116
Four million outdated Log4j downloads were served from Apache Maven Central alone despite vuln publicity blitz
It's not as though folks haven't been warned about this
Security11 Jan 2022 | 20
Alibaba Cloud slapped by Chinese ministry for mishandling Log4j
Beijing's not saying what cloudy contender did wrong
Security23 Dec 2021 | 12
Bad things come in threes: Apache reveals another Log4J bug
Third major fix in ten days is an infinite recursion flaw rated 7.5/10
Security19 Dec 2021 | 36
Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16
Now open-source logging library's JNDI disabled entirely by default, message lookups removed
Security14 Dec 2021 | 15
Log4j RCE: Emergency patch issued to plug critical auth-free code execution hole in widely used logging utility
Updated Prepare to have a very busy weekend of mitigating and patching
Security10 Dec 2021 | 65
Running a recent Apache web server version? You probably need to patch it. Now
Unless you want to leak like a sieve
Security06 Oct 2021 | 9
Apache foundation ousts TinkerPop project co-founder for tweeting 'offensive humor that borders on hate speech'
ASF board member resigns in protest of org's online chatter 'policing'
Software23 Feb 2021 | 126
Holy Guacamole! Researchers find Apache remote desktop software was silently pwnable for snooping on sessions
Best get updating pronto, folks
Security02 Jul 2020 | 5
Amazon pushes the button on Keyspaces: Cassandra lookalike to boost its NoSQL credentials
Serverless NoSQL DB to come up against open source sister
Software24 Apr 2020 | 1
DataStax buries Apache hatchet and launches features to make NoSQL Cassandra faster, safer and more graphable
The project 'got kind of gangly and awkward for a while' dev relations veep tells The Reg
Software07 Apr 2020 | 1
Time to svn commit like it's the year 2000: Apache celebrates 20 years of Subversion
Git outta here – has it been that long?
Software28 Feb 2020 | 42
Don't make a FOSS: Apache Software Foundation Board bids farewell to co-founder and two big hitters
Over in proprietary land, musical chairs a thing at Microsoft too as former Windows Insider-in-chief quits
Software25 Jun 2019 | 5
Hadoop coop thrown for loop by malware snoop n' scoop troop? Oh poop
Attacks on distributed frameworks on the rise, it is claimed by infosec biz
Security24 Jan 2019 | 4
BT to 'sunset' Apache CloudStack cloud, customer demand went AWOL
We don't want to be an IaaS about it, but...
SaaS10 Dec 2018 | 12
jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites
Flaw present for the past eight years, easy to exploit, and there are thousands of forks
Security22 Oct 2018 | 13
Apache's latest SNAFU – Struts normal, all fscked up: Web app framework needs urgent patching
Paging Equifax: Time to update again, fellas
Security22 Aug 2018 | 9
Apache Cassandra at 10: Making a community believe in NoSQL
A decade of technical promise and open-source fall-outs
Software16 Jul 2018 | 11
How polite: Fun-bucks coin miners graciously ease off CPU pounding
Conniving crypto creeps caught covertly concealing coin-crafting computer crime code
Security29 Jun 2018 | 5
Oracle corrals and patches Struts 2 vulnerabilities
Big Red issues out-of-band patch for Apache and a few other urgent issues
Security27 Sep 2017 |
Apache OpenOffice: Not dead yet, you'll just have to wait until mid-May for mystery security fixes
Reference to vulns suddenly vanishes after El Reg probe
Software28 Apr 2017 | 61
Apache Foundation hails Metron as new top level project for cybersecurity
♪ Straight outta Cisco, crazy app framework called Metron, open-sourced so data's not crept on ♪
Software24 Apr 2017 | 3
Inside OpenSSL's battle to change its license: Coders' rights, tech giants, patents and more
Analysis Devs who fail to respond to call for change will count as 'yes' votes for AL 2.0
Security24 Mar 2017 | 45
Google must be Beaming as Apache announces its new top-level projects
eBay's Eagle monitoring software also soaring with open-source foundation
On-Prem10 Jan 2017 | 5
Even big data devs make big data security gaffes
Apache Big Data Europe Is that a useful tool or a compromised .exe? Only one way to find out, apparently
Security21 Nov 2016 |
'Podling' Apache projects are spending longer in the incubator
ApacheCon Out of 30, four retired and only seven have graduated this year
Software17 Nov 2016 | 4
Is it time to unplug frail OpenOffice's life support? Apache Project asked to mull it over
Software hit by dev drought: Patch it or lose it
Software02 Sep 2016 | 60
One place to inhale all cloud: Apache Libcloud 1.0 now available
Interoperability, hallelujah
SaaS22 Jun 2016 | 1
Apache Foundation rushes out Arrow as 'Top-Level Project'
... then it took an Arrow to the TLP
Networks17 Feb 2016 | 13
Spark man Zaharia on 2.0 and why it's 'not that important' to upstage MapReduce
Interview Matei tells us about his brainchild
On-Prem15 Feb 2016 | 2
MemSQL makes it easier to hook up to Apache Spark
Spark Streamliner coming at you via GitHub
Databases24 Sep 2015 | 3
Interested in building 'community' Mr Corporation? Please swipe here
Feature Having a foundation doesn’t necessarily mean a great deal
OSes31 Jul 2015 | 1
Don't touch this! Seven types of open source to dance away from
Comment Count the committers for an OSS project, and go from there
Software08 Jul 2015 | 35
Analyse THIS: Facebook alumni upstart Interana inhales MORE cash
+Comment Self-service data discovery analytics explosion
Networks26 Jan 2015 |
Elasticsearch tells us all about its weighty Big Data tool
Customers include EMC and Cisco, says firm
On-Prem23 Dec 2014 | 3
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Networks25 Nov 2014 | 39
Wanna be Facebook? It just open-sourced some of its web server code. Now to find 1bn users...
Proxygen appears under a BSD license
Software05 Nov 2014 | 7
Twitter's Mesos brainbox joins data centre OS venture
PHDer whose web-scale idea went big in one year
Software26 Sep 2014 |
Do you accept Bitcoin? That'll do nicely, says Apache
Late scramble aboard the bitbandwagon for open sourcerers
Software03 Sep 2014 | 9
Biting the hand that feeds IT
