Poor integration of the Ransack library into Ruby on Rails (RoR) applications could allow attackers to steal information from backend databases, security firm Positive Security has warned....
Trellix has patched over 61,000 open source projects against a severe Python bug with the help of an automated tool that dramatically accelerated the process. Last...
A trio of authentication bypass bugs stemming from the use of hardcoded keys have been patched in popular enterprise analytics platform Yellowfin BI. After uncovering the...
UPDATED Password vault vendor Bitwarden has responded to renewed criticism of the encryption scheme it uses to protect users’ secret encryption keys by enhancing the mechanism’s default security configuration....
CISA’s report, which was mandated by the K-12 Cybersecurity Act of 2021, outlined a variety of steps that primary and secondary schools can take to bolster...
IoT vendors are making slow progress in making it easy for security researchers to report security bugs, with only 27.1% of suppliers offering a vulnerability disclosure...
Grand Theft Auto (GTA) Online players report losing game progress, in-game money being stolen, and being banned from game servers due to an alleged vulnerability in...
Amazon Web Services (AWS) has patched a bypass bug that attackers could exploit to circumvent CloudTrail API monitoring. In a blog post dated January 17, Datadog...