U.S.-EU Tensions Rise After $140 Million Fine on Elon Musk’s X Platform 
SoftBank Shares Slide as Oracle’s AI Spending Plans Fuel Market Jitters 
EssilorLuxottica Bets on AI-Powered Smart Glasses as Competition Intensifies 
Mizuho Raises Broadcom Price Target to $450 on Surging AI Chip Demand 
Nvidia Develops New Location-Verification Technology for AI Chips 
SpaceX Reportedly Preparing Record-Breaking IPO Targeting $1.5 Trillion Valuation 
Australia’s Under-16 Social Media Ban Sparks Global Debate and Early Challenges 
EU Prepares Antitrust Probe Into Meta’s AI Integration on WhatsApp 
IBM Nears $11 Billion Deal to Acquire Confluent in Major AI and Data Push 
Adobe Strengthens AI Strategy Ahead of Q4 Earnings, Says Stifel 
EU Court Cuts Intel Antitrust Fine to €237 Million Amid Long-Running AMD Dispute 
Trump’s Approval of AI Chip Sales to China Triggers Bipartisan National Security Concerns 
Australia Enforces World-First Social Media Age Limit as Global Regulation Looms 
Trump Signs Executive Order to Establish National AI Regulation Standard 
US Charges Two Men in Alleged Nvidia Chip Smuggling Scheme to China 
Microsoft Unveils Massive Global AI Investments, Prioritizing India’s Rapidly Growing Digital Market 
Hacking is a serious issue that modern companies have to prepare for. However, it would seem that a majority of Fortune 100 firms have actually been vulnerable for nearly ten years due to a bug that remained hidden until recently. The bug was found in a well-known software called Apache Struts, which is used by a lot of web developers.
According to the report filed by the researchers who found the bug, the security vulnerability would have allowed hackers to breach the websites of over 65 percent of the Fortune 100 companies using the software. From there, individuals with malicious intent would have been able to do all kinds of unfortunate things.
“Security researchers at lgtm.com have discovered a critical remote code execution vulnerability in Apache Struts — a popular open-source framework for developing web applications in the Java programming language,” the report reads. “All versions of Struts since 2008 are affected; all web applications using the framework’s popular REST plugin are vulnerable. Users are advised to upgrade their Apache Struts components as a matter of urgency. This vulnerability has been addressed in Struts version 2.5.13.”
Among some of the things that intruders could have done with this bug is inject malware into the code of websites, Quartz reports, which would have been hard to detect. This would have allowed them to do things like steal data, which to a Fortune 100 company would have been devastating, or delete said data, which would have been just as bad.
The researchers who discovered this bug also came up with an exploit to actually allow them to do these things, though, they refused to share it with others. More to the point, there’s no evidence right now that anyone else has been able to do the same, which is good news for these companies.
