The following is part of an ongoing series of API vulnerability briefs by Neosec’s threat research team to help enterprises learn from recent API attacks that affect organizations globally. What happened? On ...

On October 13, a vulnerability in the Apache Commons Text library was publicly disclosed. Tracked as CVE-2022-42889 and with a CVSS risk score 9.8, this is a remote code execution (RCE) zero-day ...

Spring4Shell Vulnerability Overview On 29-March-2022, a zero-day vulnerability in the Spring Java Framework was published by a Chinese Twitter account and referred to as “Spring4Shell.” At first, the vulnerability was confused with ...