A recent blog post by FoxGlove Security that described remotely executable exploits against several major middleware products including WebSphere, WebLogic, and JBoss has focused attention on what ...

Two men are walking through a forest. Suddenly, they see a bear off in the distance, running toward them. Adrenaline pumping, they start running away. But then one of them stops, takes some running ...

In the security industry, we know that operating on untrusted inputs is a significant area of risk; and for penetration testers and attackers, a frequent source of high-impact issues. Serialization is ...

Vulnerabilities can be tricky to detect. Identifying flaws in third-party and downline vendors can be even more difficult to detect, often because of the ways libraries interact with each other.

Adobe released an important security hotfix for several versions of Coldfusion, resolving two bugs, Tuesday morning. Adobe today released an important security hotfix for several versions of its ...

PayPal has fixed a serious vulnerability in its back-end management system that could have allowed attackers to execute arbitrary commands on the server and potentially install a backdoor. The ...