JSON Web Token - API Security Blog

Security update for trivy (important)

openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0303-1 Rating: important References: #1232948 #1235265 #1246151 Cross-References: CVE-2 ...

August 19, 2025

Security update for trivy (important)

openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0302-1 Rating: important References: #1232948 #1235265 #1246151 Cross-References: CVE-2 ...

August 19, 2025

Linux Distros Unpatched Vulnerability : CVE-2020-26160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. jwt-go before 4.0.0-preview1 allows attackers to bypass intended ...

August 18, 2025

PT-2025-33287 · Undefined · Undefined

In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the...Read More ...

August 17, 2025

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly unc ...

August 16, 2025

SUSE SLES15 / openSUSE 15 Security Update : amber-cli (SUSE-SU-2025:02769-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:02769-1 advisory. - Update to version 1.13.1+ ...

August 16, 2025

CVE-2025-27845

In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the...Read More ...

August 16, 2025

openSUSE Security Advisory (SUSE-SU-2025:02769-1)

The remote host is missing an update for...Read More ...

August 15, 2025