Software Development | News, how-tos, features, reviews, and videos
Discovered after OpenJS Foundation Cross Project Council received a request for administrative access for a ‘quick fix’.
Researcher who helped compile the knowledge base of common SCCM misconfigurations releases scanner MisconfigurationManager.ps1.
The OWASP list provides recommendations aimed at getting around lagging indicators such as CVE catalogs and provides security practitioners with a guide to safely using OSS components.
Caught before it could do widespread damage, the sophisticated vulnerability could have been one of the highest-impact software supply chain breaches to date.
API security often receives inadequate attention, either overlooked in early planning stages or failing to match the pace of rapid technological deployment.
Researchers from SpecterOps have put together a comprehensive resource that catalogs SCCM attacks and provides defensive strategies and hardening guidance.
OWASP’s checklist provides a concise and quick resource to help organizations and security leaders deal with generative AI and LLMs.
Many TeamCity instances remain unpatched, allowing hackers to generate rogue admin accounts at a massive scale.
It’s easier to find and fix bugs in open-source software, but that’s no help if organizations use old, unpatched versions.
Apple’s Shortcuts application has a bug that can allow attackers to remotely access sensitive data on Apple devices without user permission.