Researchers warn that there has been a 633% year-over-year increase in cyber-attacks launched against open source software repositories. Open source components, frameworks, libraries, and whole platforms are relied...
Hidden DNS (domain name system) resolvers create a means for carrying out email redirection and account takeover attacks, security researchers warn. In a technical blog post,...
A zero-day remote code execution (RCE) vulnerability in Zimbra is being actively exploited in the wild. The bug was assigned the tracker CVE-2022-41352 in late September....
An unpatched remote code execution (RCE) vulnerability in Nepxion Discovery, an open source project that provides functionality for the Spring Cloud framework, has been made public....
A now-patched version of Rancher, an open source Kubernetes management tool, stored secrets in plaintext, a security researcher has discovered. The issue affected various Kubernetes objects and could...
Sonatype has found a massive year-over-year increase in cyberattacks aimed at open source projects. According to early data from Sonatype’s 8th annual State of the Software Supply Chain...
Cloud-based source code management (SCM) platforms support integration with self-hosted CI/CD solutions through webhooks, which is great for DevOps automation. However, the benefits can come with security trade-offs....
An estimated 350,000 open source repositories are affected by a 15-year-old path traversal vulnerability in Python’s tarfile module, according to security researchers. Having “stumbled across” the unpatched...
A security flaw in Parse Server that enabled brute-force guessing of sensitive user data on the API server module for Node.js and the Express WAF has...