Security Boulevard22h
Bypassing picklescan: Sonatype discovers four vulnerabilities
Sonatype has discovered and disclosed four vulnerabilities in picklescan, a tool designed to help developers scan Python ...
Security Boulevard1d
Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)
NSFOCUS CERT detected that Apache issued a security announcement and fixed the remote code execution vulnerability of Apache ...
The Hacker News3d
Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution
Elastic patched a critical Kibana flaw (CVE-2025-25012, CVSS 9.9) enabling arbitrary code execution. Update to version 8.17.3 ...
Opinion
200-plus impressively convincing GitHub repos are serving up malware
Infosec bytes Kaspersky says it has found more than 200 GitHub repos hosting fairly convincing-looking fake projects laced with malicious software.
Cyberattacks on Adobe Coldfusion and Oracle Agile PLM observed
The US cybersecurity authority CISA says it has observed attacks on vulnerabilities in Adobe Coldfusion and Oracle Agile Product Lifecycle Management (PLM). Some vulnerabilities are very old and ...
The Hacker News15d
Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA
CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to KEV catalog, urging agencies to patch by March 17, 2025, to prevent ...