CISA “Must Patch” List Updation

The U.S. CISA has updated its catalog of “known exploited vulnerabilities” and set deadlines for federal agencies to apply fixes for security defects in software made by Qualcomm, Mikrotik, Zoho…
AppSec Tools NonSync With API Security

Software has become part of day-to-day human life in one form or another, on mobile or web platforms. Attackers are increasingly exploiting these applications, and defenders have adopted various testing…
HAProxy Smuggling Attack Vulnerability

HAProxy, a widely used open-source load balancer and proxy server, has a vulnerability that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and…
Atlassian Confluence Exploit

Threat actors were spotted exploiting the CVE-2021-26084 vulnerability in Atlassian’s Confluence enterprise collaboration product. Atlassian released security patches to address the critical flaw earlier last week. The flaw is an OGNL injection issue that…
BlackBerry BadAlloc Alert!

BlackBerry released an advisory explaining that its QNX Real Time Operating System, which is used in medical devices, cars, factories and even the International Space Station, can be affected by…
Etherpad Vulnerability

Etherpad is one of the most popular online text editors. It allows collaborating on documents in real time, is customizable with more than 250 plugins, and features a version history…