Secure Planet Training Courses Updated For 2019 - Click Here

There are new available articles, click to refresh the page.

The Hacker News

Apache Cordova App Harness Targeted in Dependency Confusion Attack

By: Newsroom — April 23^rd 2024 at 14:00

Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository. This&

VMWare user? Worried about “ESXi ransomware”? Check your patches now!

By: Paul Ducklin — February 7^th 2023 at 17:59

To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!

S3 Ep84: Government demand, Mozilla velocity, and Clearview fine [Podcast]

By: Paul Ducklin — May 27^th 2022 at 11:17

Latest episode - listen now!

FTC threatens “legal action” over unpatched Log4j and other vulns

By: Paul Ducklin — January 5^th 2022 at 16:37

Remember the Equifax breach? Remember the $700m penalty? In case you'd forgotten, here's the FTC to refresh your memory!

Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble

By: Paul Ducklin — December 17^th 2021 at 17:57

Have you ever seen the message "An error occurred"? Even worse, the message "This error cannot occur"? Facts matter!