Coordinated Brute Force Activity Targeting Apache Tomcat Manager Indicates Possible Upcoming Threats
ATT&CK techniques detected
T1110Brute Force
59%
"coordinated brute force activity targeting apache tomcat manager indicates possible upcoming threats greynoise recently observed a coordinated spike in malicious activity against apache tomcat manager interfaces. on june 5, 2025, two greynoise tags — tomcat manager brute force at…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
GreyNoise recently observed a coordinated spike in malicious activity against Apache Tomcat Manager interfaces. On June 5, 2025, two GreyNoise tags — Tomcat Manager Brute Force Attempt and Tomcat Manager Login Attempt — registered well above baseline volumes, indicating a deliberate attempt to identify and access exposed Tomcat services at scale.