Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new ‘Fractureiser’ information-stealing malware through uploaded modifications and by injecting malicious code into...
Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from security...
Security researchers have discovered a serious vulnerability in HyperSQL DataBase (HSQLDB) that poses a remote code execution (RCE) risk. HSQLDB offers a Java-based SQL relational database...
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could lead...
Researchers warn that there has been a 633% year-over-year increase in cyber-attacks launched against open source software repositories. Open source components, frameworks, libraries, and whole platforms are relied...
https://player.vimeo.com/video/735757817?h=bb19c83072&badge=0&autopause=0&player_id=0&app_id=58479&dnt=1 In this Help Net Security video, Erik Costlow, Senior Director of Product Management at Azul, talks about Java centric vulnerabilities and the headache they have become...
UPDATED A critical SpEL injection vulnerability whose abuse leads to remote code execution (RCE) has been patched in Spring Data MongoDB, which provides object-document support and repositories...
A catastrophic vulnerability in the implementation of certain encryption operations in Java JDK makes it easy for attackers to forge counterfeit credentials. The cryptographic weakness – which affects...
Microsoft and CISA have warned of ‘Spring4Shell’ exploitation in the wild. As previously reported by The Daily Swig, in the past week, Spring Framework developers have released patches tackling...
A new zero-day vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed, allowing unauthenticated remote code execution on applications. Spring is a...
Recent Comments