custom applications

CISA adds Spring4Shell to list of exploited vulnerabilities
It’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring …

Spring4Shell: New info and fixes (CVE-2022-22965)
In this video for Help Net Security, Ax Sharma, Senior Security Researcher at Sonatype, talks about the latest developments regarding Spring4Shell, the unauthenticated RCE …

Spring4Shell: No need to panic, but mitigations are advised
Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …

Idaho inmates hacked prison system to add money to their accounts
364 inmates at five correctional facilities in Idaho have managed to add nearly a quarter million dollars worth of credit to their JPay accounts by exploiting a vulnerability …

Google introduces new protections to prevent app-based account compromise
Google has implemented new protections that should considerably reduce the risk of potentially malicious apps gaining control of users’ Google account. There can be no …

Companies struggle to deploy security for custom applications
As more and more companies migrate their application workloads from their datacenters to infrastructure-as-a-service (IaaS) platforms such as the Amazon Web Services (AWS) …
Featured news
Resources
Don't miss
- The risks of autonomous AI in machine-to-machine interactions
- Balancing cloud security with performance and availability
- The XCSSET info-stealing malware is back, targeting macOS users and devs
- A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
- Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme