An unauthenticated arbitrary object instantiation vulnerability in LDAP Account Manager (LAM) has been discovered during an internal penetration test. LAM is a PHP web application for...
Monash University in Melbourne, Australia, has launched a public bug bounty program to help maintain the security of its digital platforms. The new program, which is...
A poor implementation of Ed25519, a popular digital signature algorithm, has left dozens of cryptography libraries vulnerable to attacks. According to Konstantinos Chalkias, a cryptographer at...
A cybersecurity researcher was threatened with legal action for describing vulnerabilities in Powertek PDUs after patches were released. The vulnerabilities – two deemed critical and a...
Chinese state-sponsored attackers are placing a heavy reliance on known but commonly unpatched vulnerabilities to “establish a broad network of compromised infrastructure”, a US federal security agency...
Confluence Server and Data Center users are being urged to update their systems in response to a remote code execution (RCE) vulnerability that’s the target of active attacks...
A ‘security researcher’ accused of unethical activity through the alleged hijack of a popular open source project insists that their actions were not malicious. Last week,...
Canadian healthcare service provider Scarborough Health Network (SHN) has warned that a data breach may have exposed patient healthcare records. In a breach notice, SHN explained that its IT...
A malicious and potentially hijacked Python package, CTX, has been removed from the Python Package Index (PyPI) repository after social media users alerted the team to...
The maintainers of Argo CD, the continuous delivery tool for Kubernetes, have patched a critical vulnerability that enabled attackers to forge JSON Web Tokens (JWTs) and...