The most popular open source repositories are rife with misconfigurations that leave countless downstream applications at risk from dependency confusion attacks, security researchers have discovered. Of the 1,000 organizations whose...
Accenture has released Jenkins Attack Framework (JAF), a new tool aimed at pen testers and red teamers that can reveal ways in which the popular automation server can...
A severe cross-site scripting (XSS) vulnerability impacting pfSense software has been patched by the vendor. Netgate solutions’ pfSense software is an open source offering based on FreeBSD for firewalling and...
A vulnerability in Homebrew, the enormously popular open source package manager for macOS and Linux, enabled attackers to execute malicious Ruby code on machines running the application. Security...
Developers of Cockpit CMS, an open source content management system, have patched two security vulnerabilities following a disclosure by researchers at PT Swarm. The vulnerabilities could allow a...
Emissary, an open source, peer-to-peer (P2P) workflow engine developed by the US National Security Agency (NSA), contains vulnerabilities that attackers could chain to take over Emissary...
The coronavirus-induced lockdowns experienced by much of the world over winter have done little to scupper researchers’ desire to tinker and create. In fact, the past three...
UPDATED A trio of Perl modules are potentially vulnerable to a serious upstream security flaw in Net::Netmask, a Perl distribution used to parse, manipulate, and look up IP network...
A potentially “catastrophic” security vulnerability in Netmask, an NPM package used by more than 279,000 open source projects, has been patched after lying undiscovered for nine years. The...
GitHub has released further details of a rare security vulnerability that potentially allowed users to log into other user sessions. Last week, as reported by The Daily Swig,...