The Rust security team has patched a bug in the regex crate that left applications open to Denial of Service (DoS) attacks. If a regular expression string is...
A critical vulnerability in both GitLab Community and Enterprise Edition could enable an attacker to steal runner registration tokens. The vulnerability, which affects all versions from...
Security bugs in open source packages can take a long time to be fixed, are often bundled with non-security and breaking changes, and can go unnoticed...
Microsoft has added new security features to its Edge browser, building on the ‘Super Duper Secure Mode’ that was unveiled late last year. A new experimental...
An IP spoofing vulnerability in Django REST allowed attackers to circumvent the framework’s throttling feature, which is supposed to protect applications against mass requests. Django REST...
Open source data analytics and visualization platform Grafana is urging users to upgrade their deployments after a security researcher announced the discovery of a zero-day vulnerability on...
Developers have resolved a series of vulnerabilities in storage technologies from Kaseya, including two critical flaws that each posed a remote code execution risk. Two unauthenticated SQL injection...
Mozilla is offering improved security controls for Firefox users with the debut of a long-anticipated version of Site Isolation technology. Bundled in the release of Firefox 94,...
Industry giants including Google and Salesforce have announced the creation of a “vendor-neutral” security baseline for businesses. Dubbed the ‘Minimum Viable Secure Product’ (MVSP), Google’s Royal...
Patching is a fact of life for IT administrators. And, although it is essential to maintain security, keeping up with vendors’ patch release cycles is a...