WebSocket - API Security Blog

Malvertisers zoom in on cryptocurrencies and initial access

During the past month, we have observed an increase in the number of malicious ads on Google searches for "Zoom", the popular piece of video conferencing software. Threat actors have ...

December 14, 2023

[SECURITY] Fedora 37 Update: rust-tungstenite-0.20.1-1.fc37

Lightweight stream-based WebSocket implementation.Read More ...

December 14, 2023

Exploit for Improper Handling of Exceptional Conditions in Eclipse Jetty

Eclipse Jetty Canonical Repository =============================...Read More ...

December 14, 2023

Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware

[![Android Spyware and iOS Surveillanceware](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() New findings have identified connect ...

December 14, 2023

Rocky Linux 8 : qt5-qtbase and qt5-qtwebsockets (RLSA-2020:4690)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4690 advisory. Qt through 5.14 allows an exponential XML entity expa ...

December 14, 2023

CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be ca ...

December 14, 2023

[SECURITY] Fedora 37 Update: rust-tokio-tungstenite-0.20.1-1.fc37

Tokio binding for Tungstenite, the Lightweight stream-based WebSocket implementation.Read More ...

December 14, 2023

Rocky Linux 8 : firefox (RLSA-2023:0288)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0288 advisory. An out of date library (libusrsctp) contained vulnera ...

December 14, 2023