Xiaomi Mobile Payment Vulnerability
Vulnerabilities in Xiaomi’s mobile payment could lead to an attacker stealing private keys used to sign Wechat Pay control and payment packages. The flaws were found in Xiaomi's trusted execution…
Most Exploited Common Apps – VirusTotal
The latest findings from VirusTotal reveals that cybercriminals and threat actors are increasingly relying on mimicked versions of genuine, common use apps to conduct social engineering attacks. Threat actors deploy numerous…
Atlassian Jira SSRF Vulnerability
Researchers have discovered a SSRF flaw in Atlassian’s Jira an issue tracking and project management software by abusing without obtaining credentials (Jira Service Desk’s Signups function). Tracked as CVE-2022-26135, the…
IBM patches Vulnerabilities in Jackson-Data bind
IBM has fixed 57 vulnerabilities in its Process Mining software, used by enterprises to conduct workflow analysis. The vulnerabilities were inherited from a third-party package, FasterXML jackson-databind, which allows JSON…
Software Composition Analysis (SCA)- A dive!
Software development’s today landscape traveled to have a lot and took major changes, with short release cycles, developers need to rely heavily on open source to accelerate innovation. But that…
Poisoned Python library removed
Researchers have discovered the series of events that lead to the "ctx Python" library being seeded with code that sought to steal the AWS secret keys of anyone who included…
Project Pyrsia – JFrog Open Source Community
JFrog, a DevOps company has introduced Project Pyrsia, an open-source software community initiative that uses blockchain technology to secure software packages from vulnerabilities and malicious code. Project Pyrsia is an open-source-based, decentralized,…
Gitlab New Security Feature Sets
GitLab introduced a new set of software development platforms with features that will help companies improve their cybersecurity, build machine learning applications, and more easily troubleshoot errors. GitLab provides a…