Application Security


Several OpenJDK Vulnerabilities Fixed

Recently, several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking of sensitive data to log files, denial of service, or bypass of sandbox ...

The xSPM Trend: Security Posture Management for Everything

The xSPM trend represents a holistic approach to managing and enhancing the security posture of diverse IT assets ...
Security Boulevard

Report: Cyberattacks Against Software Supply Chains Become More Targeted

Phylum found an increase in the discovery of malicious packages targeting the software supply chains of specific organizations ...

Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024

Tags: Application Security
The State of API Security in 2024 Report highlights how APIs and their increased usage are significantly changing the threat landscape. In 2023, the number of API-targeted attacks rose significantly. Attacks targeting ...

What is PCI DSS Compliance? Top Requirements to adhere to get PCI DSS

What is PCI DSS? The Payment Card Industry Data Security Standard (PCI DSS) was created in 2006 by Visa, MasterCard, Discover Financial Services, JCB International, and American Express. The goal of this ...

ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)

Uncover critical security flaws in ConnectWise ScreenConnect (CVE-2024-1709 & CVE-2024-1708) posing remote code execution risks. Actively exploited in the wild.

Avast Hit With $16.5 Million Fine for Selling Customer Data

Tags: Avast, Data Privacy, FTC
Avast Software will pay a $16.5 million fine to settle a federal complaint accusing the antivirus vendor of collecting users’ browsing data over six years and selling it to advertising companies without ...

Continuously fuzzing Python C extensions

Tags: fuzzing, open source
By Matt Schwager. Deserializing, decoding, and processing untrusted input are telltale signs that your project would benefit from fuzzing. Yes, even Python projects. Fuzzing helps reduce bugs in high-assurance software developed in ...

A Comprehensive Guide on GraphQL Testing

GraphQL has taken the API world by storm, offering flexibility and efficiency like never before. But with great power comes great responsibility, and ensuring your GraphQL API functions flawlessly is crucial. This ...