Connect with us
A flaw in GitHub’s namespace retirement feature could have allowed attackers to potentially access another user’s repository. Coined ‘repojacking’ by researchers from Checkmarx, the technique could...
The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic...
MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy (VDP). Developed by YesWeHack, the web application is available on GitHub....
Microsoft says it addressed an issue preventing the Windows kernel vulnerable driver blocklist from being synced to systems running older Windows versions. This blocklist (stored in...
Are you concerned about the security of your external web applications? Rightly so, as cyber-attacks on web applications are on the rise and can do some...
A pair of vulnerabilities patched in Jira Align could in the “worst-case scenario” be combined by low-privileged malicious users to target Atlassian’s cloud infrastructure, a security...
For the ninth time this year, Apple has released fixes for a zero-day vulnerability (CVE-2022-42827) exploited by attackers to compromise iPhones. About CVE-2022-42827 CVE-2022-42827 is an...
An automated and large-scale ‘freejacking’ campaign abuses free GitHub, Heroku, and Buddy services to mine cryptocurrency at the provider’s expense. The operation relies on abusing the...
The Dutch police have arrested a 19-year-old man in western Netherlands, suspected of breaching the systems of a healthcare software vendor in the country, and stealing...
Fortinet is urging customers to patch a critical authentication bypass vulnerability that has already been exploited in the wild. Earlier this month, the networking vendor patched the bug, CVE-2022-40684,...
