GitHub has published documentation on seven vulnerabilities in the Node.js packages and warned that exploitation could expose users to code execution attacks.
Source: Read More (SecurityWeek RSS Feed)
You might be interested in …
[ZDNet] We’re still making terrible choices with passwords, even though we know better
People know passwords are a weak spot, but convenience rules. Source: Read More (Latest topics for ZDNet in Security)
[SecurityWeek] OpenSSL 3.0 Released After 3 Years of Development
The OpenSSL Project last week announced the official release of OpenSSL 3.0, a version that has been under development for the past 3 years. read more Source: Read More (SecurityWeek RSS Feed)
[HackerNews] VMware Issues Patches to Fix New Flaws Affecting Multiple Products
VMware on Wednesday shipped security updates to address vulnerabilities in multiple products that could be potentially exploited by an attacker to take control of an affected system. The six security weaknesses (from CVE-2021-22022 through CVE-2021-22027, CVSS scores: 4.4 – 8.6) affect VMware vRealize Operations (prior to version 8.5.0), VMware Cloud Foundation (versions 3.x and 4.x), and Source: […]