Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks

Aqua Cloud Native Blog \ Tags: Software Supply Chain Security

SECURITY RESEARCH
Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks
News headlines reported that it took just 30 hours for attackers to exploit a newly discovered vulnerability in Apache Tomcat servers. But what does this mean for workloads relying on Tomcat? Aqua Nautilus researchers discovered a new attack campaign targeting Apache Tomcat. In this blog, we shed light on newly discovered malware that targets Tomcat …
Read more
RUNTIME SECURITY
Supply Chain Security Risk: GitHub Action tj-actions/changed-files Compromised
CVE-2025-30066
On March 14th, 2025, security researchers discovered a critical software supply chain vulnerability in the widely-used GitHub Action tj-actions/changed-files (CVE-2025-30066). This vulnerability allows remote attackers to expose CI/CD secrets via the action’s build logs. The issue affects users who rely on the tj-actions/changed-files action in GitHub workflows to track changed files within a pull request. …
Read more
SECURITY RESEARCH
Phantom Secrets: Undetected Secrets Expose Major Corporations
Security Threat
For years, we’ve been educating developers not to hard-code secrets into their code. Now it turns out that even doing this once might permanently expose that secret, even after its apparent removal – and worse, most secrets scanning methods will miss it. Our research found that almost 18% of secrets might be overlooked.  
Read more
SECURITY RESEARCH
Linguistic Lumberjack: Understanding CVE-2024-4323 in Fluent Bit
Linguistic Lumberjack is a new critical severity vulnerability (CVE-2024-4323) that affects Fluent Bit versions 2.0.7 through 3.0.3. The vulnerability involves a memory corruption error, potentially leading to denial of service, information disclosure, or remote code execution.  
Read more
SECURITY RESEARCH
The Gaps in Open Source Governance That Threaten the Software Supply Chain
Security Threat
The widespread issue of unmaintained and deprecated npm packages recently discovered by Aqua researchers affects more than a fifth of open source packages. Presenting yet another silent example of hidden threats to the software supply chain, it demonstrates how poor operational and structural integrity of dependencies can be just as risky as code vulnerabilities, while …
Read more
FEDERAL & GOV
Navigating Container Security within the FedRAMP Guidelines
The digital transformation journey of many organizations heavily leans on cloud technologies. As they migrate to the cloud, adhering to stringent security protocols becomes paramount. Enter FedRAMP(R) (Federal Risk and Authorization Management Program). It’s a government-wide initiative designed to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.
Read more
SECURITY RESEARCH
Exploited SSH Servers Offered in the Dark web as Proxy Pools
Security Threat
Aqua Nautilus researchers have shed brighter light on a long-standing threat to SSH in the context of the cloud. More specifically, the threat actor harnessed our SSH server to be a slave proxy and pass traffic through it. In this blog, we will explain this threat, demonstrate how attackers exploit SSH, what actions they take …
Read more
CLOUD SECURITY
Elevating Cloud Security Response with Cloud-to-Code Tracing
Data breaches and ransomware attacks have become a common headline around the globe. Meanwhile, protecting cloud environments has turned into an uphill battle for even the most seasoned CISO. With a broader attack surface, the dynamic nature of open source software, and a growing number of vulnerabilities being discovered each year, being prepared for the …
Read more
SECURITY RESEARCH
Threat Alert: Anatomy of Silentbob’s Cloud Attack
Security Threat
Aqua Nautilus researchers identified an infrastructure of a potentially massive campaign against cloud native environments. This infrastructure is in early stages of testing and deployment, and is mainly consistent of an aggressive cloud worm, designed to deploy on exposed JupyterLab and Docker APIs in order to deploy Tsunami malware, cloud credentials hijack, resource hijack and …
Read more
SECURITY RESEARCH
Fortune 500 at Risk: 250M Artifacts Exposed via Misconfigured Registries
Threat Alert
What if you were told that you had a misconfigured registry with hundreds of millions of software artifacts containing highly confidential and sensitive proprietary code and secrets exposed in your environment right now? This would be what you’d call a really bad day for security. Recently, the Aqua Nautilus research team found just that in …
Read more
CLOUD SECURITY
White House Shifts Cybersecurity Strategy to Drive Resilience
This week, the White House released its updated National Cybersecurity Strategy detailing the comprehensive approach the U.S. Government’s Administration is taking to cybersecurity.
Read more
SOFTWARE SUPPLY CHAIN SECURITY
Software Supply Chain Security vs. SCA: What’s the Difference?
As reliance on software increases in both personal and professional contexts, security of the software supply chain has become a critical concern. Ensuring the security and quality of software is essential for protecting against digital attacks, data breaches, and other cyber threats. Two practices that play a key role in ensuring software security are software …
Read more
Page 1 of 3123Next ›
Need to secure enterprise workloads?
Aqua Cloud Native Application Protection Platform (CNAPP)
Go cloud native with the experts!
Get Demo
Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.
Read Aqua Security reviews on G2

Use Cases

Environments

Partners

Resources

About Us

Get in Touch

Products

Get Started
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use | Cookie Settings |  
Accessibility Tools
Normal text size Medium text size Large text size
Normal display Black & White display High contrast display
Stop transitions and animations Underline Links