Meta Seeks Legal Shield From Child-Harm Lawsuits Amid KOSA Talks 
SpaceX Surpasses Amazon in Market Value as Post-IPO Rally Accelerates 
Google Gemini Co-Lead Noam Shazeer Leaves for OpenAI Amid AI Talent Race 
G7 Explores AI Access Deal With U.S. Amid Anthropic Restrictions 
Baseten Secures $1.5 Billion Funding at $13 Billion Valuation Amid AI Infrastructure Boom 
Chinese Social Media Giant Xiaohongshu Eyes Hong Kong IPO at Over $70 Billion Valuation 
Google’s Open-Source AI Data Center Cooling Design Raises Commoditization Concerns 
World Cup technology: from ref cams to AI analysts, cutting-edge research is changing the game 
SoftBank Shares Drop as OpenAI Losses and Rising Costs Spark Investor Concerns 
SpaceX Stock Slides After IPO Rally as Valuation Concerns Grow 
Tencent Reviews Marvelous Stake as Gaming Giant Reassesses Global Investment Strategy 
Trump Says Anthropic No Longer Seen as National Security Threat 
US Raises Concerns Over Possible ASML EUV Machine Transfer to China 
Samsung Gains Interest from BYD, Google, AMD as AI Chip Demand Strains TSMC Capacity 
Hacking is a serious issue that modern companies have to prepare for. However, it would seem that a majority of Fortune 100 firms have actually been vulnerable for nearly ten years due to a bug that remained hidden until recently. The bug was found in a well-known software called Apache Struts, which is used by a lot of web developers.
According to the report filed by the researchers who found the bug, the security vulnerability would have allowed hackers to breach the websites of over 65 percent of the Fortune 100 companies using the software. From there, individuals with malicious intent would have been able to do all kinds of unfortunate things.
“Security researchers at lgtm.com have discovered a critical remote code execution vulnerability in Apache Struts — a popular open-source framework for developing web applications in the Java programming language,” the report reads. “All versions of Struts since 2008 are affected; all web applications using the framework’s popular REST plugin are vulnerable. Users are advised to upgrade their Apache Struts components as a matter of urgency. This vulnerability has been addressed in Struts version 2.5.13.”
Among some of the things that intruders could have done with this bug is inject malware into the code of websites, Quartz reports, which would have been hard to detect. This would have allowed them to do things like steal data, which to a Fortune 100 company would have been devastating, or delete said data, which would have been just as bad.
The researchers who discovered this bug also came up with an exploit to actually allow them to do these things, though, they refused to share it with others. More to the point, there’s no evidence right now that anyone else has been able to do the same, which is good news for these companies.
