From our new IBM partnership to urgent Spring, Struts, and Angular vulnerabilities—see what’s changing across the OSS landscape and how to stay secure.
View in browser
B

September 2025

HeroDevs + IBM

Securing End-of-Life OSS Together

herodevs_ibm

IBM chose HeroDevs to protect enterprises running on end-of-life versions of Spring and Struts frameworks—delivering compliance, stability, and security at scale.

Why IBM chose HeroDevs

Spring Cloud Gateway CVE-2025-41243: Critical Alert

A runtime environment modification flaw puts Spring Cloud Gateway apps at risk—NES customers are already patched.

View the full advisory

Keeping Spring Framework & Boot Secure

 

From dependency risks to CVEs, here’s how to harden your Spring stack and stay ahead of vulnerabilities.

Explore the security guide

NumPy 1.x Is Officially End-of-Life

The Python ecosystem’s most-used library has sunsetted. Find out what this means and your options forward.

See your upgrade path

3 CVEs Hit End-of-Life Apache Struts Apps

Unpatched Struts apps face critical flaw, See what’s exposed and how NES keeps them protected.

Review the CVE breakdown

Angular CVE-2025-59052: Race Condition Rumble

 

A new race condition bug creates risks in Angular. Let’s go over what it means and how it impacts developers.

Read the analysis

Hidden Risks in Outdated JS Testing Frameworks

 

Jest, Mocha, Cypress: EOL frameworks in your CI/CD pipeline may be your weakest link.

Uncover the risks

Stay in the know.

Follow our LinkedIn newsletter for the latest on EOLs, CVEs, breaches, and OSS trends. 

 

Subscribe on LinkedIn
LinkedIn
X
YouTube

HeroDevs, Inc., 8850 S 700 E #2437, Sandy, UT 84070, United States, 1-877-586-1965

Unsubscribe Manage preferences