Cisco’s Talos says they’ve observed active attacks against a Zero-Day vulnerability in Apache’s Struts. Cisco started investigating the vulnerability shortly after it was disclosed and found a number of active attacks. Apache says the problem with Struts exists within the Jakarta Multipart Parser. The alternative is the Pell Parser plugin, which uses Jason Pell’s multipart parser instead of the Common-FileUpload library, Apache explains. Both Cisco and Apache urge administrators to take action by patching or ensuring their systems are not vulnerable.”]