Securing agentic AI: Your guide to the Microsoft Ignite sessions catalog

Security is a core focus at Microsoft Ignite 2025, reflected in dedicated sessions and hands-on experiences designed for security professionals and leaders. Whether you’re shaping strategy or working on the front lines, Microsoft Ignite offers direct access to the latest advancements and practica...

EUVD-2018-14592

Malware in sbrugna...

EUVD-2021-27130

Malware in sbrugna...

EUVD-2017-1971

Malware in sbrugna...

EUVD-2021-1118

Malware in sbrugna...

EUVD-2024-48289

Malicious code in bioql PyPI...

Wiz Research Uncovers Critical Vulnerability in AI Vibe Coding platform Base44 Allowing Unauthorized Access to Private Applications

New discovery underscores security implications of AI-powered development and the rise of Vibe Coding Platforms...

CVE-2025-50072

...

CVE-2024-46992 Electron ASAR Integrity bypass by just modifying the content

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...

Important: mod_security security update

ModSecurity is an open source intrusion detection and prevention engine for web applications. Security Fixes: modsecurity: ModSecurity Has Possible DoS Vulnerability CVE-2025-47947 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

[SECURITY] Fedora 41 Update: mod_security-2.9.9-1.fc41

ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks...

CVE-2012-5179

The Boat Browser application before 4.2 and Boat Browser Mini application before 3.9 for Android do not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application...

AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface

Organizations now use an average of 112 SaaS applications —a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microso...

CVE-2025-26660

SAP Fiori applications using the posting library fail to properly configure security settings during the setup process, leaving them at default or inadequately defined. This vulnerability allows an attacker with low privileges to bypass access controls within the application, enabling them to...

6 Types of Applications Security Testing You Must Know About

Application security testing is a critical component of modern software development, ensuring that applications are robust and resilient against malicious attacks. As cyber threats continue to evolve in complexity and frequency, the need to integrate comprehensive security measures throughout the...

Important: Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update

Migration Toolkit for Applications 6.2.3 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

How to Apply NIST Principles to SaaS in 2023

The National Institute of Standards and Technology NIST is one of the standard-bearers in global cybersecurity. The U.S.-based institute's cybersecurity framework helps organizations of all sizes understand, manage, and reduce their cyber-risk levels and better protect their data. Its importance ...

CVE-2021-42119 Stored XSS in Search Function in TopEase

Persistent Cross Site Scripting in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version = 7.1.27 via the Search Functionality allows authenticated users with Object Modification privileges to inject arbitrary HTML and JavaScript in object attributes, which is then...

ChopChop - ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders

ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT. Its goal is to scan several endpoints and identify exposition of services/files/folders through the webroot. Checks/Signatures are declared in a config file by...

Why ArtsSEC decided to partner with Wallarm

by Maximiliano Soler, @maxisoler by Maximiliano Soller, CTO of ArtsSEC The greatest thing with partnerships is how well the organisations’ expertise complement each other. Our partnership with Wallarm has incredibly exceeded our expectations in their innovation and expertise in web application...