Application Security
How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains?
CVE-2024-27198 Lead to Server Takeover Vulnerabilities The post How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains? appeared first on Kratikal Blogs ...
Introducing Ruzzy, a coverage-guided Ruby fuzzer
By Matt Schwager Trail of Bits is excited to introduce Ruzzy, a coverage-guided fuzzer for pure Ruby code and Ruby C extensions. Fuzzing helps find bugs in software that processes untrusted input ...
Checkmarx Aligns With Wiz to Improve Application Security
Checkmarx has integrated its platform for securing application development environments with Wiz's CNAPP ...
SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery
Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account […] ...
Telegram Privacy Nightmare: Don’t Opt In to P2PL
Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service ...
ChatGPT Plugin Security Vulnerabilities Exploited By Hackers
In the realm of cybersecurity, constant vigilance is paramount as threat actors perpetually seek novel ways to exploit vulnerabilities. Recent research has shed light on a concerning trend: the potential misuse of ...
Linux Kernel 6.8 Released: New Features and Hardware Support
Linus Torvalds recently announced the release of Linux kernel 6.8, the latest stable version of the Linux kernel. This update brings a plethora of new features and improvements, making it a significant ...
Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ...
Application Security for Dummies: The Only Way Forward
To improve application security, we must make security so stupid that anyone can do it, and that applies up and down the stack ...
Workshop “How to write custom security tests” – Main Takeaways
Discover the main takeaways from our latest workshop on how to write custom security tests for API security ...