In this video for Help Net Security, Ax Sharma, Senior Security Researcher at Sonatype, talks about the latest developments regarding Spring4Shell, the unauthenticated RCE zero-day vulnerability in...
In this interview with Help Net Security, Vitaliy Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code,...
GitLab has patched a critical vulnerability that meant static passwords were inadvertently set during OmniAuth-based registration – putting accounts at risk of malicious takeover. The DevOps platform has...
A bug in one of PHP’s functions made it possible to bypass security measures meant to protect web applications against malicious user input, a security researcher...
The early months of 2022 are behind us and, as security professionals prepare for the upcoming conference season, it’s high time to load up the security...
EXCLUSIVE: A bug in the support dashboard of Palo Alto Networks (PAN) exposed thousands of customer support tickets to an unauthorized individual, BleepingComputer has learned. The exposed information...
Spring users are facing a new, zero-day vulnerability which was discovered in the same week as an earlier critical bug. The first security issue, CVE-2022-22963, is a...
Rapid7 has patched a critical SQL injection vulnerability in Nexpose, its on-premises vulnerability management software. The flaw, which has a CVSS rating of 9.8, arose because valid search...
A new zero-day vulnerability in the Spring Core Java framework called ‘Spring4Shell’ has been publicly disclosed, allowing unauthenticated remote code execution on applications. Spring is a...
Wabbi published new research with IDG that finds companies utilizing continuous security have decreased vulnerabilities by 50%. The study focused on the integration of development and security, as...