SEARCH
Archive
Java Crypto Bug Allows Forging of Signatures, Certificates
A critical bug in Java's implementation of ECDSA (CVE-2022-21449) can allow an attacker to forge a signature or certificate to deliver virtually any payload.
Spring Framework Flaw Exploited in Mirai Malware Attacks
The previously discovered RCE flaw in the Spring framework is being leveraged by attackers to deploy the Mirai botnet malware.
Researchers Warn of RCE Bug in Spring Framework
A remote code execution flaw in the Spring Java framework has been uncovered, and exploits are circulating in some places.
Critical Log4j Flaw Fallout Continues
The widespread usage of Log4j is adding complexity to organizations attempting to apply patches.
What Defenders Need to Know About the Latest Struts Flaw
It hasn’t even been a year since the Equifax breach was made public, and Apache has fixed yet another another critical vulnerability in the Struts web application framework. Does your incident response plan include assessing the risk exposure and deploying defenses on top of patch management?