Software engineers at Google have put forward a proposal that promises to clamp down on prototype pollution, a class of vulnerability that has become a scourge...
An ongoing Google ads malvertising campaign is spreading malware installers that leverage KoiVM virtualization technology to evade detection when installing the Formbook data stealer. KoiVM is...
A critical vulnerability in Atlassian’s Jira Service Management Server and Data Center could allow an unauthenticated attacker to impersonate other users and gain remote access to the systems. Atlassian...
The developers of the GoAnywhere MFT file transfer solution are warning customers of a zero-day remote code execution vulnerability on exposed administrator consoles. GoAnywhere is a secure...
Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution...
The New York attorney general’s office has announced a $410,000 fine for a stalkerware developer who used 16 companies to promote surveillance tools illegally. Stalkerware (or...
Security analysis tool Binwalk itself poses a security risk to users running out-of-date versions due to a path traversal vulnerability that could lead to remote code...
When it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen...
XSS Hunter now has a home at Truffle Security, which has launched a new version of the tool after its original creator declared that he will be...
A security researcher dropped a zero-day remote code execution (RCE) chain of vulnerabilities affecting Lexmark printers after claiming the disclosure reward he was offered was “laughable”....