Cyber Security
A vulnerability in Amazon Web Services (AWS) AppSync enabled unauthorized cross-account access to AWS resources, according to the findings of security researchers. AppSync is...
Hi, what are you looking for?
A vulnerability in Amazon Web Services (AWS) AppSync enabled unauthorized cross-account access to AWS resources, according to the findings of security researchers. AppSync is...
Security researchers from Varonis have published details of SQL injection and logical access vulnerabilities in Zendesk Explore that posed a severe threat for users of the...
Attackers could steal password credentials from Mastodon users due to a vulnerability in Glitch, a fork of Mastodon, a researcher has warned. Mastodon has...
A bug in Ember.js, a JavaScript framework for building Node.js web applications, allowed attackers to stage prototype pollution attacks against the host server. Prototype...
ANALYSIS Advances in technology over the last decade have enabled academics to make progress in creating so-called one-time programs. One-time programs (OTPs) – originally presented...
Malicious proof-of-concepts (PoCs) are potentially exposing GitHub users to malware and other malfeasance, researchers have found. In a paper titled ‘How security professionals are being attacked:...
Security researchers have discovered a serious vulnerability in HyperSQL DataBase (HSQLDB) that poses a remote code execution (RCE) risk. HSQLDB offers a Java-based SQL...
Public disclosure, a talk, and a blog post later, the RCE exploit remains unresolved Despite a researcher’s best efforts at disclosure, the maintainers of...
A newly-discovered vulnerability in Apache Pulsar allows a remote attacker to carry out a manipulator-in-the-middle (MitM) attack due to improper certificate validation. Apache Pulsar...
Java templating engine Pebble was vulnerable to a bug that could allow attackers to bypass its security mechanisms and conduct command injection attacks against host servers....