While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said.

Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack.

While the iMessage crypto bug got most of the attention among this week’s Apple patches, another vulnerability that was addressed represents a nasty trend of privilege escalation flaws that merit watching. Researchers at Cisco on Wednesday disclosed details on a flaw in an OS X graphics kernel driver that begs to be chained with any number of...