custom applications
CISA adds Spring4Shell to list of exploited vulnerabilities
It’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring …
Spring4Shell: New info and fixes (CVE-2022-22965)
In this video for Help Net Security, Ax Sharma, Senior Security Researcher at Sonatype, talks about the latest developments regarding Spring4Shell, the unauthenticated RCE …
Spring4Shell: No need to panic, but mitigations are advised
Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …
Idaho inmates hacked prison system to add money to their accounts
364 inmates at five correctional facilities in Idaho have managed to add nearly a quarter million dollars worth of credit to their JPay accounts by exploiting a vulnerability …
Google introduces new protections to prevent app-based account compromise
Google has implemented new protections that should considerably reduce the risk of potentially malicious apps gaining control of users’ Google account. There can be no …
Companies struggle to deploy security for custom applications
As more and more companies migrate their application workloads from their datacenters to infrastructure-as-a-service (IaaS) platforms such as the Amazon Web Services (AWS) …
Featured news
Resources
Don't miss
- Chinese cyber spies used Claude AI to automate 90% of their attack campaign, Anthropic claims
- A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn
- Why your security strategy is failing before it even starts
- Protecting mobile privacy in real time with predictive adversarial defense
- Los Alamos researchers warn AI may upend national security