Researchers found two flaws in Spring Framework (CVE-2026-22737 & CVE-2026-22735) allowing path bypasses and stream corruption. Patch your apps today. #SpringFramework #JavaSecurity #CVE #CyberSecurity #InfoSec #Vulnerability #AppSec #SpringMVC #PatchAlert securityonline.info/spring-framewo…

A MITM-based Zip Slip vulnerability (CVE-2023-24057) affects `ca.uhn.hapi.fhir:org.hl7.fhir.core`, enabling arbitrary file overwrite. Protect network traffic and monitor for patches. #HAPI #FHIR #JavaSecurity pulsepatch.io/posts/cve-2023…

Security teams in large enterprises already spend significant time tracking vulnerabilities across software supply chains, third-party libraries, and internal codebases. Java… dlvr.it/TQvnCQ #JavaSecurity #Cybersecurity #DevOps #VulnerabilityManagement #Java

🚨 Happening TODAY! 🚨 Learn how to apply the OWASP Top 10 to real-world Java enterprise APIs in this Lightning Talk hosted by NaijaJUG. 🕣 Today | 8:30 – 9:30 PM (WAT) 📍 Google Meet 🎤 Uroko Rosemary Nnenna 👉 Secure your spot: luma.com/5xjubygk #NaijaJUG #JavaSecurity #OWASPTop10 #EnterpriseJava #APISecurity #JavaDev @dashaun @starbuxman @therealdanvega

⏰ Tomorrow: Breaking Tomcat (Live) Watch real-world exploitation of recent Tomcat CVEs—and learn how to lock down production systems. 🗓 Jan 28 | 10:00 AM PST 👉 Last chance to register: bit.ly/3NrI9Ua #ApacheTomcat #JavaSecurity #DevSecOps

A Server-Side Template Injection (SSTI) vulnerability affects XDocReport Freemarker Template (CVE-2025-64087). Update to version 2.1.0 to mitigate potential risks. #XDocReport #SSTI #JavaSecurity pulsepatch.io/posts/cve-2025…

🚨 Breaking Tomcat (Live Demo – Round 2) See how real attackers exploit Apache Tomcat—and how to stop them. ✅ Live CVE exploitation ✅ Common misconfig & patch gaps ✅ Practical hardening steps 🗓 Jan 28 | 10:00 AM PST 👉 bit.ly/3NrI9Ua #ApacheTomcat #JavaSecurity

Still treating security as something you bolt on later? #Java25 brings security into the language itself. Mihaela Gheorghe-Roman breaks down how sealed classes, records & pattern matching close entire classes of vulnerabilities. → javapro.io/2025/12/30/sec… @OpenJDK #JavaSecurity

Apache Tika vulnerability severity rises to 10.0, now affecting tika-core, tika-parsers, and PDF parser modules. Flaw enables XXE injection and data exfiltration in malicious PDFs. #ApacheTika #JavaSecurity #India ift.tt/0eRaYLt