Wednesday , July 1 2026
apache

multiple vulnerabilities found in apache HTTP server

infosecbulletin Tuesday , July 2 2024 Vulnerabilities

The Apache Software Foundation has found multiple security issues in the widely used Apache HTTP Server. These vulnerabilities could lead to denial-of-service attacks, remote code execution, and unauthorized access, putting many websites at risk of cyberattacks.

CVE-2024-36387 to CVE-2024-39573 are vulnerabilities in Apache HTTP Server’s components like mod_proxy, mod_rewrite, and core functionalities. Some of the most serious issues are:

Apple fixes more than 30 iOS, macOS, and Safari flaws

By infosecbulletin / Wednesday , July 1 2026
Apple released security updates on Monday for iOS, macOS, and Safari. These updates fix more than thirty issues, including four...
Read More
Apple fixes more than 30 iOS, macOS, and Safari flaws

Attackers exploit critical flaw in Oracle E-Business

By infosecbulletin / Tuesday , June 30 2026
Attackers are now using a flaw (called CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial app, according to the security...
Read More
Attackers exploit critical flaw in Oracle E-Business

WhatsApp to allow usernames instead of phone numbers

By infosecbulletin / Tuesday , June 30 2026
WhatsApp is about to release a big update that may change how people communicate on the app. Soon, users can...
Read More
WhatsApp to allow usernames instead of phone numbers

Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

By infosecbulletin / Monday , June 29 2026
The Linux Foundation said on Thursday that they are starting a new project to fix flaws in open source software...
Read More
Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem

Data breach affects 14.2 million email logins across six ISPs

By infosecbulletin / Sunday , June 28 2026
KDDI Corporation, a Japanese telecom company, revealed a data breach. Hackers got into one of its email systems that five...
Read More
Data breach affects 14.2 million email logins across six ISPs

Asian Two AI startups launch Mythos-like Model

By infosecbulletin / Sunday , June 28 2026
Two Asian AI companies have released new models this week that compete with Anthropic’s recently limited Mythos and Fable models,...
Read More
Asian Two AI startups launch Mythos-like Model

Polymarket Hack Reportedly Results in $3 Million Theft

By infosecbulletin / Saturday , June 27 2026
Polymarket is a platform for prediction markets using cryptocurrency. It lets users bet on what might happen in real-life events...
Read More
Polymarket Hack Reportedly Results in $3 Million Theft

Anthropic Confirms US Infrastructure Redeployment of Claude Mythos 5

By infosecbulletin / Saturday , June 27 2026
Anthropic said that Claude Mythos 5, its strongest AI security model, will be sent back to some U.S. orgs that...
Read More
Anthropic Confirms US Infrastructure Redeployment of Claude Mythos 5

Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins

By infosecbulletin / Friday , June 26 2026
A complex phishing attack targets AWS console users by misusing Cloudflare-hosted websites to steal login details. Each domain had a nearly...
Read More
Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins

Daily Cyber security update for 26. 06. 2026

By infosecbulletin / Friday , June 26 2026
Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 26. 06. 2026

CVE-2024-38472 (Important): Server-Side Request Forgery (SSRF) vulnerability on Windows systems, potentially leaking sensitive NTML hashes.

CVE-2024-38474 (Important): Code execution and source disclosure via encoded question marks in backreferences.

CVE-2024-38475 (Important): Unauthorized access to filesystem locations through improper escaping in mod_rewrite.

CVE-2024-38476 (Important): Information disclosure, SSRF, or local script execution via malicious backend application output.

These vulnerabilities could let attackers crash servers, bypass authentication, steal sensitive data, or take control of affected systems. Upgrade to Apache Software Foundation version 2.4.60 to fix reported vulnerabilities. Organizations that don’t update their software on time may suffer from website crashes, data leaks, and money losses.

Additionally, organizations should:

Check and adjust settings, especially for mod_proxy and mod_rewrite, to prevent issues. Keep an eye on logs for any unusual activity or unauthorized access attempts. Consider using a web application firewall (WAF) to filter out harmful traffic and reduce the risk of attacks.

Check Also

Wazuh

Critical Wazuh Vuln Enables Alert Tampering and Evidence Deletion

A critical security flaw has affected the open-source security community. Recently, complete details and working …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin