Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

Why CTEM is the Winning Bet for CISOs in 2025

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards

⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More

New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change.
The flaw, assigned the CVE identifier CVE-2025-24859, carries a CVSS score of 10.0, indicating maximum severity. It affects all versions of Roller up to and including 6.1.4.

Headline

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

The Hacker News: Latest News