Security researchers have uncovered multiple unprotected properties that can be used to bypass Trusted Types, a widely used web security mechanism, in some scenarios. Trusted Types is an important technology that...
Oracle has patched a remote code execution (RCE) vulnerability impacting Oracle Fusion Middleware and various other Oracle systems. Security researchers ‘Peterjson’ and ‘Jang’ reported a pair...
Data monitoring and search vendor Splunk patched a code execution vulnerability in its Splunk Enterprise deployment server and is – belatedly, according to some – promising to back-port...
A vulnerability in Parse Server software has led to the discovery of an authentication bypass impacting Apple Game Center. Parse Server is an open source project...
MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored...
Security researchers have uncovered 56 flaws affecting devices from 10 OT (operational technology) vendors in what’s billed as the single largest vulnerability disclosure to affect the computing components...
Citrix has patched a critical vulnerability in its Application Delivery Management (ADM) technology that, if left unresolved, creates a means for remote attackers to reset admin passwords. The...
A cross-site request forgery (CSRF) vulnerability in Reddit forced users to view adult content. The medium-severity security bug disabled the option to turn on certain settings, meaning...
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day vulnerability that could...
MetaMask and Phantom are warning of a new ‘Demonic’ vulnerability that could expose a crypto wallet’s secret recovery phrase, allowing attackers to steal NFTs and cryptocurrency stored...