TL;DR The same JSON document can be parsed with different values across microservices, leading to a variety of potential security risks. If you... continue reading
News about the recent Jones Day / Accellion vendor data breach highlights just how difficult third-party risk management (TPRM) is in practice.... continue reading
The latest trend toward Development, Security, and Operations (DevSecOps) is intended to ensure that security is embedded into every phase of the... continue reading
The evolution of security within the corporate environment has included investment in firewalls, intrusion detection systems, data leak... continue reading
What are the risks associated with overly permissive pod creation in Kubernetes? The answer varies based on which of the host’s namespaces and... continue reading
ADVISORY SUMMARY The Mautic application is affected by stored XSS vulnerabilities. Upon exploitation, these issues allow an authenticated attacker... continue reading
Jan 11, 2021 5:00:00 AM |
By Chris Davis, Joe DeMesy
ADVISORY SUMMARY The R programming language’s default package manager CRAN is affected by a path traversal vulnerability that can lead to server... continue reading
I'm excited to announce some new features that have been added to RMIScout. RMIScout is a tool to perform wordlist and brute-force attacks against... continue reading
ADVISORY SUMMARY Four vulnerabilities were discovered in the OpenClinic application, the most severe of which allowed an unauthenticated attacker... continue reading
DARK Reading
HELPNET Security
Forbes