Connect with us
The newest version of TruffleHog has landed with support for more than 600 key types, furthering the tool’s ability to hunt for credential leaks. Leaked credentials,...
The early months of 2022 are behind us and, as security professional prepare for the upcoming conference season, it’s high time to load up the security...
Vulnerabilities in ImpressCMS could allow an unauthenticated attacker to bypass the software’s SQL injection protections to achieve remote code execution (RCE), a security researcher has warned....
Mitmproxy, an open source, interactive HTTPS proxy service, has patched a dangerous bug that potentially allowed attackers to stage HTTP request smuggling attacks against backend servers. HTTP...
A maintainer who sabotaged a popular NPM package in protest at Russia’s invasion of Ukraine has been criticised for undermining trust in the open source ecosystem. ‘RIAEvangelist’...
A security vulnerability in e-learning platform Moodle could allow an attacker to take over a database and potentially obtain sensitive information, researchers have warned. Moodle is...
A critical vulnerability in both GitLab Community and Enterprise Edition could enable an attacker to steal runner registration tokens. The vulnerability, which affects all versions from...
Lesson from Log4J: Security vulnerabilities are not just high-profile events like the recently identified Log4J exploit, but rather an ongoing threat on many fronts that need...
Two vulnerabilities in open source monitoring platform Zabbix could allow an attacker to bypass authentication and execute arbitrary code on a targeted server. The security flaws were found...
Security bugs in open source packages can take a long time to be fixed, are often bundled with non-security and breaking changes, and can go unnoticed...
Recent Comments