Connect with us
Researchers are trialing methods to scale up the ability to roll out security fixes for vulnerable components across the open source ecosphere. Tools such as CodeQL (GitHub’s code query language)...
A newly-discovered vulnerability in Apache Pulsar allows a remote attacker to carry out a manipulator-in-the-middle (MitM) attack due to improper certificate validation. Apache Pulsar is a...
A now-patched version of Rancher, an open source Kubernetes management tool, stored secrets in plaintext, a security researcher has discovered. The issue affected various Kubernetes objects and could...
Java templating engine Pebble was vulnerable to a bug that could allow attackers to bypass its security mechanisms and conduct command injection attacks against host servers. Pebble Templates...
Researchers have observed a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites. Magento is...
A prototype pollution bug in the Chromium project allowed attackers to bypass Sanitizer API, a built-in browser library for removing potentially malicious code from user-controlled input...
A prototype pollution bug in the Chromium project allowed attackers to bypass Sanitizer API, a built-in browser library for removing potentially malicious code from user-controlled input...
A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than...
Anaconda released its annual 2022 State of Data Science report, revealing the widespread trends, opportunities, and perceived blockers facing the data science, machine learning (ML), and...
A security flaw in Parse Server that enabled brute-force guessing of sensitive user data on the API server module for Node.js and the Express WAF has...
