Connect with us
The issue of how coding languages might support software developers’ management of memory has recently gotten attention from the National Security Council, the Cybersecurity and Infrastructure...
The Open Source Security Foundation (OpenSSF) recently adopted Microsoft’s Secure Supply Chain Chain Consumption Framework (S2C2F) to help reduce vulnerabilities in open source software – a...
Zoom has patched a cross-site scripting (XSS) bug that worked in both the desktop and web versions of its Whiteboard app. Zoom Whiteboard allows users to...
Vulnerabilities in enterprise password manager Passwordstate that could be combined to exfiltrate stored credentials have been patched. Developed by Australian vendor Click Studios, Passwordstate is an on-premise suite...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Vulnerability with public PoC affects Cisco IP phones, fix unavailable (CVE-2022-20968)A...
Our second web security roundup begins with news that a brace of network security flaws in products from Fortinet and Citrix have each come under active attack. These attacks were...
Bug bounty hunters are increasingly unearthing cloud-based vulnerabilities as organizations undergo ‘digital transformation’, a new report has found. Researchers have uncovered more than 65,000 software vulnerabilities...
A supposed security researcher has tried and failed to file an apparently bogus cryptocurrency vulnerability with the help of ChatGPT, the latest and most eerily impressive...
Security researchers have developed a technique that prevents web application firewalls (WAFs) from detecting SQL injection attacks. Several leading vendors’ WAFs failed to support JSON syntax in their SQL...
NodeBB, a Node.js platform for creating forum applications, has patched a prototype pollution vulnerability that could allow attackers to impersonate other users and take over administrator accounts. The vulnerability was...
Recent Comments