Explore >> Select a destination
|
You are here 
|
blog.voltone.net | ||
| | | | |
www.nodejs-security.com
|
|
| | | | | The XZ backdoor CVE-2024-3094 already happened in JavaScript 5 years ago but now the xz and liblzma malware bundled onto Linux distributions is bringing forth a world-wide threatening event in cybersecurity that jeopardizes the trust, sustainability and security concerns in the open-source ecosystem. | |
| | | | |
tomrenner.com
|
|
| | | | | Anyone writing code professionally in December 2021 will remember the "fun" of the Log4J vulnerability. For those that weren't - this was a critical security error that allowed attackers to run any code they wanted on your servers. The root cause was a logging library, Log4J, that is used by most projects that are writting in Java. It's usually used to write code something like: log.info("Process completed successfully"); which will then appear in your logs, allowing you to track your application's behaviour. Pretty innocuous stuff. | |
| | | | |
www.sonatype.com
|
|
| | | | | Crypto stealers are posing as IP checker utilities on npm, targeting Windows, Linux and macOS users with new open source malware campaigns. | |
| | | | |
www.churchpop.com
|
|
| | | Make holy all the things! | ||
