Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordf ...

Continue Reading
Python’s PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commit ...

Continue Reading
Cosign malicious attachments can cause system-wide denial of service

Summary A remote image with a malicious attachment can cause denial of service of the host machine running Cosign. This can impact other services on the machine that rely on having memory available su ...

Continue Reading
Cosign malicious artifacts can cause machine-wide DoS

Maliciously-crafted software artifacts can cause denial of service of the machine running Cosign, thereby impacting all services on the machine. The root cause is that Cosign creates slices based on t ...

Continue Reading
Siemens RUGGEDCOM APE1808 before V11.0.1

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities ...

Continue Reading
Spring Framework 6.2.0-M1: all the little things

The Spring Framework team has been busy reviewing the issue tracker in anger and reducing the number of opened issues. This was long overdue, with a number of issues being invalid or superseded in the ...

Continue Reading
Python’s PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commit ...

Continue Reading
CVE-2024-29019

ESPHome is a system to control microcontrollers remotely through Home Automation systems. API endpoints in dashboard component of ESPHome version 2023.12.9 (command line installation) are vulnerable t ...

Continue Reading

Back to Main

Subscribe for the latest news: