The Spring Framework vulnerability – made public on March 29, 2021 – was caused by unforeseen access to Tomcat’s ClassLoader as a result of the new Module feature added in Java 9.
Read full article on Veracode
Just Because You Don’t Use Log4j or Spring Beans Doesn’t Mean Your Application is Unaffected
- 7-Year-Old 0-Day in Microsoft Office Exploited to Drop Cobalt Strike
- AI Helps Improve About Managed Detection and Response
- TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland – SWN #381
- Impact of organizational structure on ransomware outcomes: Where does your org fit in?
- Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets