Mastodawn

Reminder to anyone using #ApacheCamel SCP/SFTP connections: Apache Camel does not perform host identity validation unless you explicitly configure "StrictHostKeyChecking" as "yes". The default value for "StrictHostKeyChecking" is "no". If you do not explicitly configure this option as "yes", the connections are susceptible to meddler in the middle attacks.

What is the impact of such insecure configuration?

If you are using SSH password authentication, the attacker in a privileged network position can perform full MiTM, grab the username and password, and thus gain authenticated access to the target server.

If you use a key-based authentication, the attacker cannot perform full MitM. However, they can still present a fake server and, in case of upload, steal the uploaded files. In case of download, the malicious server can present fake or malicious files for download.

So, any configuration that could get intercepted MUST always specify the host identity and use "StrictHostKeyChecking" "yes". Even configurations in secured networks should use "yes" for additional security.

Unfortunately, the Apache Camel documentation isn't clear on this topic, and the OpenSSH's similar option and its default value working in a different manner can easily lead to confusion and insecure configurations.

#insecuredefaults

secbro42 Apr 28

☠️ Apache Camel CoAP Component RCE Vulnerability Allows Unauthenticated Remote Code Execution with a Single UDP Packet �

#ApacheCamel #CVE202633453 #CamelSecurityVulnerability #CoAPInjection #RemoteCodeExecution #cve #cybersecurity #iso27001

InfoQ Apr 27

In this #InfoQ article, Vignesh Durai explains how agentic and multimodal AI systems can be engineered using #ApacheCamel & #LangChain4j.

The solution combines LLM-based reasoning, retrieval-augmented generation (RAG), and image classification.

🔗 Read now: https://bit.ly/4sXdlcM

#AI #LLMs #DataPipelines

OffSequence Apr 27

🔴 CRITICAL: CVE-2026-40858 in Apache Camel's camel-infinispan lets attackers with cache write access trigger arbitrary code execution. Patch to 4.20.0/4.14.7/4.18.2 ASAP! More info: https://radar.offseq.com/threat/cve-2026-40858-cwe-502-deserialization-of-untruste-52424157 #OffSeq #ApacheCamel #Infosec #CVE2026_40858

LinuxTeck Apr 23

AI doesn’t struggle with complexity.
It struggles with lack of structure.

Frameworks like Apache Camel just fit better.

#apachecamel #ai #devops #microservices #opensource #LinuxTeck

OffSequence Feb 24

🚨 CRITICAL: CVE-2026-23552 in Apache Camel 4.15.0 – 4.17.x breaks tenant isolation — JWT tokens from any Keycloak realm may be accepted! Upgrade to 4.18.0 ASAP to secure multi-tenant systems. https://radar.offseq.com/threat/cve-2026-23552-cwe-346-origin-validation-error-in--099c72c7 #OffSeq #ApacheCamel #Vuln #Keycloak

Zineb Bendhiba Feb 20

Apache Camel MCP Server: Bringing Camel Knowledge to AI Coding Assistants https://camel.apache.org/blog/2026/02/camel-jbang-mcp/ #ApacheCamel

Apache Camel MCP Server: Bringing Camel Knowledge to AI Coding Assistants

Introducing the Camel MCP Server, a Model Context Protocol server that exposes the full Camel Catalog, route validation, security analysis, and more to AI coding assistants like Claude Code, OpenAI Codex, and others.

Apache Camel

Zineb Bendhiba Feb 10

#ApacheCamel : almost 500 million downloads in 2025
Read the 2025 download dtatistics https://camel.apache.org/blog/2026/02/2025-downloads/ #apachecamel

Apache Camel 2025 Download Statistics

The rising popularity of Apache Camel with almost 500 million downloads in 2025

Apache Camel

Otavio R. Piske Jan 22

🇧🇷 Pessoal, dia 27/01 vou participar de um bate papo no QuarkusClub sobre #ApacheCamel focado em um tema ainda pouco explorado: a infraestrutura de código por trás dos sistemas inteligentes.

#bolhadev #java

https://www.youtube.com/watch?v=BzEZFF2nrNw