Connect with us
UPDATED A critical SpEL injection vulnerability whose abuse leads to remote code execution (RCE) has been patched in Spring Data MongoDB, which provides object-document support and repositories...
The Django project, an open source Python-based web framework has patched a high severity vulnerability in its latest releases. Tracked as CVE-2022-34265, the potential SQL Injection vulnerability exists in Django’s...
A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards. The rogue worker had...
On Thursday, the Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open source automation server, 29 of the bugs being zero-days...
Gitlab has patched a critical vulnerability that could allow an attacker to execute code remotely. The security issue, which has been rated as critical, has been discovered in...
Here’s our latest round-up of hacking tools available to pen testers, enterprise security specialists, and other infosec professionals at the start of the third quarter of...
A recently-patched security hole in Chromium browsers allowed attackers to bypass safeguards against dangling markup injection’, an attack that extracts sensitive information from webpages. While dangling markup...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Linux vulnerability known as PwnKit to its list of bugs exploited in the wild. The...
Amazon has confirmed and fixed a vulnerability in its Photos app for Android, which has been downloaded over 50 million times on the Google Play Store....
A poor implementation of Ed25519, a popular digital signature algorithm, has left dozens of cryptography libraries vulnerable to attacks. According to Konstantinos Chalkias, a cryptographer at...
