WordPress Simple Shopping Cart plugin <= 5.2.9 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin Simple Shopping Cart versions = 5.2.9...

WordPress JetSmartFilters plugin <= 3.8.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Austin Ginder in WordPress Plugin JetSmartFilters versions = 3.8.1...

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action

Austin, Texas, United States, 9th April 2026, CyberNewswire...

SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats

New monitoring capability delivers unprecedented visibility into vendor identity exposures, moving enterprises and government agencies from static risk scoring to protecting against actual identity threats...

EUVD-2023-53766

Malicious code in bioql PyPI...

EUVD-2024-16394

Malicious code in bioql PyPI...

Scattered Lapsus$ Hunters Demand Google Fire Security Experts or Face Data Leak

Note: The names of both employees have been removed for privacy reasons, following a request from Google. We are now referring to them as Worker 1 and Worker 2...

CVE-2024-0505

A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical. This issue affects the function getFile of the file com/java3y/austin/web/controller/MaterialController.java of the component Upload Material Menu. The manipulation leads to unrestricted upload. The exploit has bee...

A Bootiful Podcast: Java Champion, Tessl Devrel head, friend, Virtual JUG co-founder Simon Maple

Hi, Spring fans! In this episode, we catch up with Java Champion, Tessl Devrel head, Virtual JUG co-founder, and friend Simon Maple! This episode was recorded at the amazing ArcOfAI conference held in amazing Austin, TX!...

GHSA-RR8G-9FPQ-6WMG Tokio broadcast channel calls clone in parallel, but does not require `Sync`

The broadcast channel internally calls clone on the stored value when receiving it, and only requires T:Send. This means that using the broadcast channel with values that are Send but not Sync can trigger unsoundness if the clone implementation makes use of the value being !Sync. Thank you to...

Tokio broadcast channel calls clone in parallel, but does not require `Sync`

The broadcast channel internally calls clone on the stored value when receiving it, and only requires T:Send. This means that using the broadcast channel with values that are Send but not Sync can trigger unsoundness if the clone implementation makes use of the value being !Sync. Thank you to...

PT-2025-15909 · Crates.Io · Tokio

The broadcast channel internally calls clone on the stored value when receiving it, and only requires T:Send. This means that using the broadcast channel with values that are Send but not Sync can trigger unsoundness if the clone implementation makes use of the value being !Sync. Thank you to...

SpyCloud Unveils Massive Scale of Identity Exposure Due to Infostealers, Highlighting Need for Advanced Cybersecurity Measures

Austin, TX, 18th September 2024, CyberNewsWire...

austinssc.com Cross Site Scripting vulnerability OBB-3937143

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

austinrealty.on.ca Cross Site Scripting vulnerability OBB-3878562

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-0601

A vulnerability was found in ZhongFuCheng3y Austin 1.0. It has been rated as critical. Affected by this issue is the function getRemoteUrl2File of the file src\main\java\com\java3y\austin\support\utils\AustinFileUtils.java of the component Email Message Template Handler. The manipulation leads to...

CVE-2024-0601

A vulnerability was found in ZhongFuCheng3y Austin 1.0. It has been rated as critical. Affected by this issue is the function getRemoteUrl2File of the file src\main\java\com\java3y\austin\support\utils\AustinFileUtils.java of the component Email Message Template Handler. The manipulation leads to...

Server side request forgery (ssrf)

A vulnerability was found in ZhongFuCheng3y Austin 1.0. It has been rated as critical. Affected by this issue is the function getRemoteUrl2File of the file src\main\java\com\java3y\austin\support\utils\AustinFileUtils.java of the component Email Message Template Handler. The manipulation leads to...

CVE-2024-0601 ZhongFuCheng3y Austin Email Message Template AustinFileUtils.java getRemoteUrl2File server-side request forgery

A vulnerability was found in ZhongFuCheng3y Austin 1.0. It has been rated as critical. Affected by this issue is the function getRemoteUrl2File of the file src\main\java\com\java3y\austin\support\utils\AustinFileUtils.java of the component Email Message Template Handler. The manipulation leads to...

CVE-2024-0601

CVE-2024-0601 affects ZhongFuCheng3y Austin 1.0, specifically the getRemoteUrl2File function in AustinFileUtils.java (Email Message Template Handler). Multiple connected sources (NVD, Red Hat, PRION, PT-SEC) corroborate a server-side request forgery (SSRF) condition triggered by insufficient vali...