---

Apache Struts 2 exploit used to install ransomware on servers

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers. The flaw is located in the Jakarta Multipart parser in Apache Struts 2 and allows attackers to execute system commands with the privileges of the user running the web server process.