SecurityWeek

Adobe Patches Critical Apache Tika Bug in ColdFusion

Adobe released 11 security bulletins for 25 vulnerabilities, including a critical code execution bug in ColdFusion.
Threat Post

Adobe Fixes Critical ColdFusion Flaw in Emergency Update

Attackers can leverage the critical Adobe ColdFusion flaw to launch arbitrary code execution attacks. In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion ...
Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...
Infosecurity-magazine.com

Anonymous Said to be Exploiting ColdFusion in Government Hacks

Investigators believe the attacks, which have hit several public-sector agencies, began about a year ago when Anonymous member Lauri Love (indicted in October for hacking NASA) and others found that ...
ZDNet

Adobe ColdFusion servers under attack from APT group

A nation-state cyber-espionage group is actively hacking into Adobe ColdFusion servers and planting backdoors for future operations, Volexity researchers have told ZDNet. The attacks have been taking ...
ZDNet

ColdFusion's Java connection

Macromedia calls CFML "a scripting layer for J2EE." The ability to integrate Java into ColdFusion provides all sorts of opportunities, including access to freely and commercially available Java ...