The domain registration belonging to Perl.com, the popular source of news and information about the Perl programming language, has reportedly been stolen. Brian Foy, a Perl...
A vulnerability in a Node.js web application framework could be exploited to achieve remote code execution (RCE). Made public by self-described “wannabe” security researcher Shoeb ‘CaptainFreak’ Patel on January 23, the research...
UPDATED A remote code execution (RCE) vulnerability in Microsoft Exchange Online remains unresolved after security researchers bypassed two patches for successive exploits. Rated as critical, the zero-day flaw impacts...
A security researcher has detailed how a “critical” bug in the Spring Data project could be abused to expose and modify web application user data. The issue lies...
UPDATED GitLab installations need to be updated following the discovery of a set of security vulnerabilities, including a critical access token theft issue. First up, insufficient validation...
The software supply chain attack against IT infrastructure vendor SolarWinds last year has served to revive interest in technologies that might mitigate against this kind of...
Security updates have been released for Node.js to address multiple vulnerabilities, including a memory corruption bug and a flaw that opened the door to HTTP request...
It’s safe to say that 2020 has been a year like no other, with the Covid-19 pandemic dominating headlines worldwide. Within the cybersecurity sphere, the ripple of changes...
A trio of unpatched XML round-trip mutation vulnerabilities in Go’s standard library could lead to SAML authentication bypass in downstream projects, security researchers have revealed. The...
GitHub has announced improvements to further integrate security directly into the software development workflow. GitHub Enterprise Server (GHES) version 3.0 (currently shipping as a release candidate)...