Venafi announced the findings of a global study of 1,000 CIOs, in which 82% say their organizations are vulnerable to cyberattacks targeting software supply chains. The shift...
The maintainers of Guzzle, the popular HTTP client for PHP applications, have addressed a high severity vulnerability leading to cross-domain cookie leakage. Drupal, the open source content management...
A ‘security researcher’ accused of unethical activity through the alleged hijack of a popular open source project insists that their actions were not malicious. Last week,...
A malicious and potentially hijacked Python package, CTX, has been removed from the Python Package Index (PyPI) repository after social media users alerted the team to...
A “balkanization” of tech – driven by various countries’ needs to be technologically independent from their strategic competitors and adversaries – is underway, delegates to the...
A group of software package maintainers have created a tool for defending applications that depend on open source JavaScript libraries. Called Socket, the tool uses a...
A SQL injection (SQLi) vulnerability in an open source platform developed by Greek universities to manage student data left academic grades at risk of manipulation. Miscreants leveraging the...
IBM has updated data management platform Db2 in order to protect users from a pair of critical vulnerabilities in older versions of Expat, a third-party library....
A cross-site scripting (XSS) vulnerability in PrivateBin, the open source secure pastebin, has been patched. PrivateBin, a fork of the popular ZeroBin, is an online tool used to...
It’s time for developers to update their local Git installations following the discovery of a brace of vulnerabilities. The worse of the two flaws (CVE-2022-24765) carries the...