Security Vulnerabilities

Apache Tomcat: Vulnerable versions downloaded nearly 100K times since PoC
A rapidly exploited vulnerability with a major blast radius.
A recently disclosed vulnerability in Apache Tomcat, CVE-2025-24813, is drawing significant attention due to its ease of exploitation, rapid adoption by attackers, and ...

Bypassing picklescan: Sonatype discovers four vulnerabilities
Sonatype has discovered and disclosed four vulnerabilities in picklescan, a tool designed to help developers scan Python pickle files for malicious content. Pickle files, used for serializing and deserializing Python AI/ML models, ...
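As an added illustration (not code from the picklescan project or from the Sonatype post), the block below shows why pickle files need scanning at all and what an opcode-level check looks like: a pickle's opcode stream can name any importable callable and invoke it during `pickle.loads()`, so a scanner walks the stream with `pickletools.genops` without executing it and flags GLOBAL / STACK_GLOBAL imports of dangerous callables. The denylist, the module-alias table and the sample payloads are assumptions constructed for this example; it also shows one edge case any such scanner must handle, namely that `os.system` is recorded under its platform module (`posix` or `nt`) rather than `os`.

```python
import os
import pickle
import pickletools

# Constructed sample payloads for this example (not picklescan test data).
class EvalOnLoad:
    """pickle.loads() of this object calls builtins.eval on attacker-chosen text."""
    def __reduce__(self):
        return (eval, ("__import__('os').getpid()",))

class ShellOnLoad:
    """pickle.loads() of this object would run a shell command; it is never loaded here."""
    def __reduce__(self):
        return (os.system, ("true",))

EVAL_PICKLE = pickle.dumps(EvalOnLoad(), protocol=4)
SHELL_PICKLE = pickle.dumps(ShellOnLoad(), protocol=4)
BENIGN_PICKLE = pickle.dumps({"weights": [0.1, 0.2, 0.3], "epochs": 3}, protocol=4)

# os.system is defined in the platform module (posix on Linux/macOS, nt on Windows),
# so the pickle records that module name, not "os". Older protocols may also write
# Python 2 module names. Normalise before matching. (Alias table is an assumption.)
MODULE_ALIASES = {"posix": "os", "nt": "os", "__builtin__": "builtins"}

# Assumed denylist for this example; picklescan maintains its own list.
DANGEROUS_GLOBALS = {
    ("os", "system"), ("os", "popen"),
    ("subprocess", "Popen"), ("subprocess", "run"), ("subprocess", "check_output"),
    ("builtins", "eval"), ("builtins", "exec"), ("builtins", "__import__"),
}

# Opcodes that push a str onto the unpickler stack (STACK_GLOBAL consumes two of them).
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}

def imported_globals(data: bytes):
    """Return every (module, name) the pickle would import, without executing it."""
    found = []
    strings = []  # recent str pushes, so STACK_GLOBAL can be resolved
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            # Protocol <= 3 text form: pickletools gives "module name".
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":
            if len(strings) < 2:
                raise ValueError("malformed pickle: STACK_GLOBAL without two strings")
            found.append((strings[-2], strings[-1]))
        elif op.name in STRING_OPS:
            strings.append(arg)
    return found

def scan(data: bytes):
    """Return the (module, name) pairs that match the denylist after alias normalisation."""
    flagged = []
    for module, name in imported_globals(data):
        canonical = (MODULE_ALIASES.get(module, module), name)
        if canonical in DANGEROUS_GLOBALS:
            flagged.append((module, name))
    return flagged

def demo_execution() -> bool:
    """Proof that loading runs the embedded code: the payload evaluates os.getpid()."""
    return pickle.loads(EVAL_PICKLE) == os.getpid()

if __name__ == "__main__":
    print("benign :", scan(BENIGN_PICKLE))
    print("eval   :", scan(EVAL_PICKLE))
    print("shell  :", scan(SHELL_PICKLE))   # module shows as posix/nt, still flagged
    print("loads() executed payload:", demo_execution())
```

The scanner never calls `pickle.loads()`; it reasons purely about the opcode stream. That is also its limit: a denylist only catches callables it knows about, which is why alias handling and the choice of list matter so much, and why treating scan results as a filter rather than a guarantee is the safer posture for model files from untrusted sources.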

The hidden threat: Tackling malware in your software supply chain
The value of open source is undeniable — 90% of all modern software development depends on it. According to Harvard Business School, in 2024 alone, more than 6 trillion open source software ...

Knight Ransomware Attack: Businesses and Healthcare Targeted
A recent arrival in the cybercrime landscape is a ransomware strain known as RansomHub, which has surfaced as a successor to the notorious Knight ransomware. Initially identified as Cyclops 2.0, Knight ...

Zero-day vulnerabilities: A beginner’s guide
Note: This article was originally published on The New Stack ...

Securing software development with Sonatype Air-Gapped Environment (SAGE)
Developers everywhere build modern applications from reusable pieces of code downloaded from repositories such as Maven Central ...

New Glibc Flaw Allows Full Root Access on Major Linux Distros
As a fundamental element of nearly every Linux-based system, the GNU C Library, or glibc, acts as a core library connecting applications with the Linux kernel. It provides essential functions for system ...

‘everything’ matters — why the npm package sparked controversy
The npm package 'everything' gradually stirred controversy after its publication over the holidays this year ...

Unraveling the Struts2 security vulnerability: A deep dive
In a recent webinar hosted by Sonatype, Chief Technology Officer (CTO) and co-founder Brian Fox and Field CTO Ilkka Turunen discussed the critical security vulnerability affecting Apache Struts2 ...

Coping with Python 3.7 End of Life: A Guide for Developers
Python 3.7 reached end of life on June 27, 2023.
The current stable Python release is Python 3.12.
Running end-of-life software poses compliance risks.
Python is one of the ...