SHA-3 code execution bug patched in PHP – check your version!
You’ve probably seen story after story in the media in the past week about a critical bug in OpenSSL, though at the time of writing this …
Web Development
Almost 1/3 of Top npm Accounts Aren’t Protected with 2FA
The npm JavaScript package manager and default package manager for the JavaScript runtime environment Node.js is insanely popular. It’s …
ZetaChain Offers Bridgeless Blockchain Interconnectivity
One fundamental challenge for decentralized application (dApp) development is the fact that individual blockchains are not interoperable by …
Irony alert! PHP fixes security flaw in input validation code
If you’re using PHP in your network, check that you’re using the latest version, currently 8.1.3. Released yesterday [2022-02-17], this …
Missouri will not prosecute ‘hacker’ reporter for daring to view state website HTML
The State of Missouri will not prosecute a journalist branded a “hacker” for viewing website source code and reporting a serious security …
Journalist won’t be indicted for hacking for viewing a state website’s HTML
A journalist incorrectly branded as a “hacker” by the governor of Missouri won’t be prosecuted “for hacking”. This was a quick …
PHP Everywhere code execution bugs impact thousands of WordPress websites
Critical remote code execution (RCE) vulnerabilities in a popular WordPress plugin have been made public. The RCE bugs impact PHP …
PHP Everywhere RCE flaws threaten thousands of WordPress sites
Researchers found three critical remote code execution (RCE) vulnerabilities in the ‘PHP Everywhere’ plugin for WordPress, used by over …
Evasive maneuvers: HTML smuggling explained
Microsoft Threat Intelligence Center (MSTIC) last week disclosed “a highly evasive malware delivery technique that leverages legitimate …
Microsoft warns of surge in HTML smuggling phishing attacks
Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans (RAT). While …
Token Based Security: Angular Applications, Part 3
Introduction In the previous post of this series, we configured our Angular application as a client of IdnentityServer and completed the …
Token Based Security: Angular Applications, Part 2
Introduction In the previous post on the topic of Token Based Security, we created an API endpoint and protected it (using Authorize …
Token-based Security: Angular Applications – Part 1
Introduction I have written few posts on token-based security, its importance, OAuth, OIDC, and Identity-Server. You can check the previous …
Cisco Releases Security Updates
Cisco has released security updates to address multiple vulnerabilities in Intersight Virtual Appliance. An attacker could exploit these …