Japanese cybersecurity software firm Trend Micro has patched a high severity security flaw in the Apex Central product management console that can let attackers execute arbitrary...
In this video for Help Net Security, Ax Sharma, Senior Security Researcher at Sonatype, talks about the latest developments regarding Spring4Shell, the unauthenticated RCE zero-day vulnerability in...
In this interview with Help Net Security, Vitaliy Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code,...
GitLab has patched a critical vulnerability that meant static passwords were inadvertently set during OmniAuth-based registration – putting accounts at risk of malicious takeover. The DevOps platform has...
A bug in one of PHP’s functions made it possible to bypass security measures meant to protect web applications against malicious user input, a security researcher...
The early months of 2022 are behind us and, as security professionals prepare for the upcoming conference season, it’s high time to load up the security...
Spring users are facing a new, zero-day vulnerability which was discovered in the same week as an earlier critical bug. The first security issue, CVE-2022-22963, is a...
Rapid7 has patched a critical SQL injection vulnerability in Nexpose, its on-premises vulnerability management software. The flaw, which has a CVSS rating of 9.8, arose because valid search...
A new zero-day vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed, allowing unauthenticated remote code execution on applications. Spring is a...
Cybersecurity researchers have disclosed a code injection flaw in the Spring Cloud computing framework that poses a remote attack risk. On March 28, infosec firm NSFOCUS...