As our hunt against malicious Python packages continues, Imperva Threat Research recently discovered an attempt to masquerade Fade Stealer malware as a nondescript package, Colorama. Why Colorama? Col ...
Continue Reading
February 13, 2024
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS ...
Continue Reading
February 13, 2024
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS ...
Continue Reading
February 13, 2024
Summary When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and m ...
Continue Reading
February 13, 2024
Summary When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and m ...
Continue Reading
February 12, 2024
Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron. Security Fix(es): apache-commons-text: variable interpo ...
Continue Reading
February 12, 2024
Hi, Spring fans! In this installment we look at the brand new Spring Boot Testjars project, which greatly simplifies standing up and reusing satellite Java-based services like other Spring Boot-based ...
Continue Reading
February 08, 2024
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication method on affected 11.3 versions via specially crafted...Read More ...
Continue Reading
February 07, 2024
Back to Main
