A sophisticated new player entered the cyber-threat landscape. Analysts at eSentire’s Threat Response Unit (TRU) have identified...
infosec
Laravel Passport is widely recognized as an OAuth2 server and API authentication package that is both simple...
Recently, a research contingent published a scholarly treatise detailing an exhaustive security audit of various API aggregators—commonly...
Cisco Talos has uncovered a coordinated cluster of malicious activity targeting non-governmental organizations (NGOs) and universities in...
Security teams across the globe are being urged to move quickly as Sonatype has disclosed a critical...
A critical flaw in marimo, a popular reactive Python notebook platform, has become the latest case study...
Six Apart Ltd. has issued an urgent security advisory for Movable Type, a long-standing content management system...
Welcome to this week’s vulnerability digest. As we close out the first full week of April, security...
Apache Tomcat, the open-source backbone for millions of Java-based web applications, has been hit by a wave...
A critical security vulnerability in Axios, the ubiquitous promise-based HTTP client for Node.js and the browser, has...
A severe security vulnerability has been identified in the Nix package manager, a tool celebrated by the...
A critical-severity security vulnerability has been identified in the Checkmk monitoring platform, potentially allowing local users to...
In a sophisticated shift in tactics, cybercriminals are increasingly weaponizing the trusted notification pipelines of major collaboration...
Microsoft Defender Security Research has uncovered a sophisticated, wide-scale phishing campaign that weaponizes the Device Code Authentication...
North Korea’s cyber program has moved past the era of accidental growth into a period of “mature...
HPE Aruba Networking has issued an important software update to address a high-severity security flaw in its...
In a calculated move that signals a new frontier in cyber espionage, North Korean threat actors have...
TP-Link has issued an urgent security advisory regarding its Archer AX53 v1.0 router, detailing five distinct vulnerabilities...
A sophisticated, financially motivated threat campaign is currently sweeping across professional networks, specifically targeting job seekers on...
Amazon Web Services (AWS) has released urgent security updates for its Research and Engineering Studio (RES), an...
Security researchers have unmasked three critical vulnerabilities in goshs, a popular high-performance replacement for Python’s SimpleHTTPServer. The...
In a critical security alert, Juniper Networks has warned of a severe vulnerability in its Support Insights...