Spring Security OAuth reaches End-of-Life

The [Spring Security OAuth]() and [Spring Security OAuth Boot 2 auto-configuration]() projects have reached end of life. The Spring Security OAuth project has been replaced by the Client and Resource ...

Continue Reading
CVE-2022-22969

Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 ...

Continue Reading
(RHSA-2022:2280) Important: OpenShift Container Platform 3.11.705 security update

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages ...

Continue Reading
Nearly 100,000 NPM Users’ Credentials Stolen in GitHub OAuth Breach

[![](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEibSaL_2onu9HFSkDKS6vpwfAW61CDKj7FffAdrYV-rfMCl0RTqFOAU0q4xUr3YMSKTAo-XMYuwdpQopOtC-PypD36JJ_IPRd-RrsO_yB-TfKWK6RbdnyS9kfb-8BIo0VA8vUV2hs_ ...

Continue Reading
npm security update: Attack campaign using stolen OAuth tokens

On April 15, we published [a blog]() detailing an attack campaign utilizing stolen OAuth user tokens issued to two third-party GitHub.com integrators, Heroku and Travis CI. The npm organization on Git ...

Continue Reading
GitLab 14.7.x < 14.7.7 / 14.8.x < 14.8.5 / 14.9.x < 14.8.2 Default Password

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 a ...

Continue Reading
Zepp 6.1.4-play User Account Enumeration Vulnerability

Post ContentRead More ...

Continue Reading
Gitlab 14.9 – Authentication Bypass Vulnerability

Post ContentRead More ...

Continue Reading

Back to Main

Subscribe for the latest news: