Cyber Security
A critical flaw patched in the Apache Commons Text library has sparked comparisons with the ‘Log4Shell’ bug that surfaced in the near-ubiquitous open source...
Researchers warn that there has been a 633% year-over-year increase in cyber-attacks launched against open source software repositories. Open source components, frameworks, libraries, and whole platforms...
A zero-day remote code execution (RCE) vulnerability in Zimbra is being actively exploited in the wild. The bug was assigned the tracker CVE-2022-41352 in...
Hidden DNS (domain name system) resolvers create a means for carrying out email redirection and account takeover attacks, security researchers warn. In a technical...
OpenID Connect (OIDC) identity service Dex has patched a critical vulnerability that would allow an attacker to fetch an ID token through an intercepted authorization...
An unpatched remote code execution (RCE) vulnerability in Nepxion Discovery, an open source project that provides functionality for the Spring Cloud framework, has been...
Cloud-based source code management (SCM) platforms support integration with self-hosted CI/CD solutions through webhooks, which is great for DevOps automation. However, the benefits can come with...
An estimated 350,000 open source repositories are affected by a 15-year-old path traversal vulnerability in Python’s tarfile module, according to security researchers. Having “stumbled across”...
A security flaw in Parse Server that enabled brute-force guessing of sensitive user data on the API server module for Node.js and the Express...
The maintainers of venerable open source content management system (CMS) TYPO3 have fixed a cross-site scripting (XSS) flaw with a raft of software updates. The XSS...