This newbie who just celebrated 100 days of #selfhosting was able to install #Apache and #Varnish on her #Ubuntu VPS (to prevent the "Mastodon Hug of Death" for link preview cards on her self-hosted Ghost blog). She's very proud of herself for all the sudo commands she successfully ran today. And she's weirded out talking about herself in the third person, so: I did it YAY.
LOVE LOVE LOVE this Linux / self-hosting journey I'm on. Thank you for all your support & encouragement 
“Israel is gunning down children with Apache helicopters: They just keep unleashing new horrors...”
by Ricky Hale and Council Estate Media on Substack
“Last night in Gaza, we operated on a 15 year old girl who was riding her bike when she was shredded by an #Apache #helicopter. She will be lucky if she keeps 2 of her limbs after 12 hours of collective surgery” - Dr Mark #Perlmutter
New: Broadcom has updated a critical vulnerability today.
Broadcom Mainframe Software Security Advisory for Apache Tomcat Vulnerability CVE-2025-24813 https://support.broadcom.com/web/ecx/security-advisory @symantec #Apache #cybersecurity #Infosec
(horizon3.ai) What to know about recent Github Actions and Apache Tomcat vulnerabilities—before you investigate https://www.horizon3.ai/attack-research/attack-blogs/critical-or-clickbait-github-actions-and-apache-tomcat-rce-vulnerabilities-2025/
The article from Horizon3 analyzes two recent high-profile vulnerabilities: CVE-2025-30066 affecting GitHub Actions (tj-actions/changed-files) and CVE-2025-24813 affecting Apache Tomcat. Despite widespread publicity, Horizon3.ai's Attack Team found that actual exploitation risk is significantly lower than reported. For the GitHub Actions vulnerability, only one repository among 1,200 examined was exposed, with no evidence of data exfiltration. For Apache Tomcat, analysis of over 10,000 endpoints revealed no vulnerable configurations in production environments. The article emphasizes the importance of prioritizing security responses based on actual risk rather than media hype.
Active Exploitation Alert: Critical Apache Tomcat RCE (CVE-2025-24813). Majority of traffic targeting U.S.-based systems. Full analysis & attacker IPs: https://greynoise.io/blog/active-exploitation-critical-apache-tomcat-rce-vulnerability-cve-2025-24813
#ApacheTomcat #Apache #GreyNoise #Vulnerability #CVE202524813
"Wow is only took attackers 30 hours to start using this new bug!"
No. To them it's a 3 year old bug that's hard to use so they didn't, but since it got patched, they are using it up while they can.
https://thehackernews.com/2025/03/apache-tomcat-vulnerability-comes-under.html?m=1
Threat actors rapidly exploit new #Apache #Tomcat flaw following PoC release
https://securityaffairs.com/175522/security/threat-actors-rapidly-exploit-new-apache-tomcat-flaw-following-poc-release.html
#securityaffairs #hacking
#EmilyPike from the San Carlos #Apache tribe was murdered. She was only 14. The young girl was reported missing on Jan 27, 2025. Her dismembered remains were discovered on Feb 14, 2025 off Highway 60 near #Globe , Arizona.
My heart goes out to Emily’s loved ones - her mother, family and friends. No one should ever loose their child this way.
Share this post to spread the awareness. And let us honour her memory
#JusticeForEmilyPike #JusticeForEmily
#NoMoreStolenSisters #MMIWG
The downside is adding from my phone. I use #orgzly that I replicate with #nextcloud via #apache on an RPI5, #owncloud is also good. In #orgroam I have the orgzly mirror tumbled into a bookmarked page where I periodically relocate notes not needed on my phone.
I DREAM of the day all of my notes are on only MY server, and only MY phone could access them. This is my compromise.
@oatmeal so stop the fight please.
#FOSS software is international. For anyone to use. #Linux, #KDE, #Gnome, #apache, #libreoffice, all the rest, have contributions from all parts of the world, including US, Russia, China, India and in fact most countries out there. It provides #technology and #freedom for anyone who wants it. Freedom of #choice, freedom for #privacy, freedom of thought, free of cost. And so it should be.
https://www.europesays.com/1880349/ Poland leases eight Apache gunships as warmup ahead of major delivery #Aktualności #Apache #CirculatedDefenseNews #DefenseNews #DefenseSpending #DnDnr #nato #poland #polska
So this should get rid of the bots:
# Deny bots
RewriteCond %{HTTP_USER_AGENT} "[Bb]ot/|meta-externalagent"
RewriteRule .* - [G]
warms my heart when i see facebookexternalhit get slapped with a 403 forbidden in the httpd logs
#Apache fixed a critical #SQL Injection in #Apache Traffic Control
https://securityaffairs.com/172307/security/apache-traffic-control-critical-flaw.html
#securityaffairs #hacking
Note that if you are coding against Struts, not just using a product based on struts, you'll need to edit any file upload code with ActionFileUploadInterceptor.
https://www.securityweek.com/exploitation-of-recent-critical-apache-struts-2-flaw-begins/
Threat actors are attempting to exploit #Apache #Struts vulnerability CVE-2024-53677
https://securityaffairs.com/172109/hacking/apache-struts-vulnerability-cve-2024-53677-flaw.html
#securityaffairs #hacking
Amazon S3 gets new bucket type and metadata management
Amazon is adding new functions to the S3 storage service for its in-house conference re:Invent. The focus is on data management.
