Researchers have released details on a trio of cross-site scripting (XSS) vulnerabilities in popular open source apps that could lead to remote code execution (RCE). The security bugs,...
A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native applications, Oxeye researchers have found....
For industries without heavy IT expertise, responding to the myriad vulnerability advisories released by the Cybersecurity and Infrastructure Security Agency is a daunting task. When...
Security researchers have identified multiple workflows in popular continuous integration and development (CI/CD) service GitHub Actions that are vulnerable to command execution. A research team from...
A pair of vulnerabilities in Google Cloud, DevSite, and Google Play could have allowed attackers to achieve cross-site scripting (XSS) attacks, opening the door to account...
Digital identity verification company Onfido has launched a new bug bounty program, in partnership with European vulnerability disclosure platform YesWeHack. The security rewards program will provide Onfido with...
Diversified technology and infrastructure software provider Open-Xchange has released fixes for several security vulnerabilities impacting OX App Suite. Available as an on-premise solution or as part...
System administrators have even less time to patch disclosed security vulnerabilities than previously thought, as a new report shows threat actors scanning for vulnerable endpoints within...
Vulnerabilities in FileWave’s mobile device management (MDM) platform could enable attackers to seize control of vulnerable instances and all their managed devices, security researchers warn. FileWave MDM allows...
Researchers from AntGroup FG Security Lab have discovered a critical security vulnerability allowing an attacker to remotely execute code within a Grails application runtime. Grails is...