An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. A ...
Continue Reading
September 27, 2024
Envoy has carved out a critical role in cloud-native computing, becoming increasingly prevalent as the default ingress controller for Kubernetes. This high-performance proxy, developed by Lyft and now ...
Continue Reading
September 26, 2024
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastru ...
Continue Reading
September 26, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 11.1 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability c ...
Continue Reading
September 26, 2024
📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Through October 7th, 2024, XSS vulnerabilities in all plugins and themes with > ...
Continue Reading
September 25, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible ...
Continue Reading
September 25, 2024
The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible ...
Continue Reading
September 24, 2024
SaaS applications contain a wealth of sensitive data and are central to business operations. Despite this, far too many organizations rely on half measures and hope their SaaS stack will remain secure ...
Continue Reading
September 24, 2024
Back to Main
