
1518 matches found

Wiz blog
added 2026/04/09 12:0 p.m., 2 views

Bringing Security Visibility to Vercel with Wiz

Giving developers and security teams a shared view of application risk as it evolves...

AI score: 5.9, Exploits: 0

GithubExploit
added 2026/04/09 6:11 a.m., 162 views

Exploit for CVE-2026-40271

Lazarus Group: 19-Day A/B Test Campaign Analysis TLP:CLEA...

AI score: 6, Exploits: 1

EUVD
added 2026/04/09 12:32 a.m., 1 view

EUVD-2026-20795

GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...

CVSS: 4.3, AI score: 5.9, EPSS: 0.00011, Exploits: 0, References: 4

Spring Engineering
added 2026/04/09 12:0 a.m., 3 views

Spring Office Hours Podcast: S5E12 - Developer Soft Skills with Arun Gupta

Join Dan Vega and DaShaun Carter for another essential update from the Spring ecosystem. In this episode, the guys are joined by DevRel and Java legend Arun Gupta to discuss a topic often overlooked but vital for career longevity: soft skills for developers. Drawing from his decades of experience...

AI score: 5.8, Exploits: 0

NVD
added 2026/04/08 11:16 p.m., 1 view

CVE-2026-1752

GitLab has remediated an issue in GitLab EE affecting all versions from 11.3 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user with developer-role permissions to modify protected environment settings due to improper authorization checks in t...

CVSS: 4.3, EPSS: 0.00011, Exploits: 0, References: 3

Debian CVE
added 2026/04/08 10:25 p.m., 4 views

CVE-2026-1752

Removed by vendor...

CVSS: 4.3, AI score: 5.8, EPSS: 0.00011, Exploits: 0

HackRead
added 2026/04/07 5:56 p.m., 2 views

Hackers Pose as Non-Profit Developers to Deploy Monero Mining Malware

REF1695 hackers spread Monero mining malware via fake non-profit installers, using stealth tactics to evade detection and hijack systems for profit...

AI score: 5.9, Exploits: 0

Fedora
added 2026/04/04 1:3 a.m., 4 views

[SECURITY] Fedora 42 Update: python3.9-3.9.25-7.fc42

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

CVSS: 7, AI score: 6, EPSS: 0.00015, Exploits: 0

RedhatCVE
added 2026/04/02 10:53 a.m., 1 view

CVE-2026-21629

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVSS: 7.3, AI score: 5.8, EPSS: 0.00001, Exploits: 0, References: 1

EUVD
added 2026/04/01 12:31 p.m., 0 views

EUVD-2026-17853

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVSS: 6.3, AI score: 5.8, EPSS: 0.00001, Exploits: 0, References: 2

NVD
added 2026/04/01 10:16 a.m., 0 views

CVE-2026-21629

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVSS: 7.3, EPSS: 0.00001, Exploits: 0, References: 1

ATTACKERKB
added 2026/04/01 9:3 a.m., 1 view

CVE-2026-21629

The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...

CVSS: 6.3, AI score: 5.8, EPSS: 0.00001, Exploits: 0, References: 2, Affected Software: 1

CNNVD
added 2026/04/01 12:0 a.m., 1 view

Joomla! CMS access control error vulnerability

Joomla! CMS is a content management system developed under the open source Joomla! framework. There is an access control vulnerability in the Joomla! CMS. This vulnerability arises from the fact that the ajax component in the administration area is excluded from the default login user checks, whi...

CVSS: 7.3, AI score: 5.8, EPSS: 0.00001, Exploits: 0, References: 1

Positive Technologies
added 2026/04/01 12:0 a.m., 1 view

PT-2026-29501

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: The ajax component was excluded from the default logged-in-user check in the administrative area, which may have been unexpected by third-party developers...

CVSS: 7.3, AI score: 5.8, EPSS: 0.00001, Exploits: 0, References: 4

CNNVD
added 2026/03/31 12:0 a.m., 2 views

Cline security vulnerability

Cline is an AI programming assistant that serves as an integrated CLI and editor for necboy developers. Cline has a security vulnerability, which stems from OS command injection, potentially leading to remote code execution...

CVSS: 9.8, AI score: 6.1, EPSS: 0.00847, Exploits: 0, References: 2

Fedora
added 2026/03/30 12:17 a.m., 3 views

[SECURITY] Fedora 44 Update: python-cryptography-46.0.6-1.fc44

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

CVSS: 6.3, AI score: 5.9, EPSS: 0.00009, Exploits: 0

Fedora
added 2026/03/29 12:51 a.m., 3 views

[SECURITY] Fedora 43 Update: python3.6-3.6.15-55.fc43

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

CVSS: 7, AI score: 5.9, EPSS: 0.00015, Exploits: 0

Fedora
added 2026/03/27 1:18 a.m., 4 views

[SECURITY] Fedora 43 Update: python-cryptography-46.0.5-1.fc43

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

CVSS: 9.8, AI score: 5.9, EPSS: 0.00027, Exploits: 0

HackRead
added 2026/03/27 12:17 a.m., 1 view

New Ghost Campaign Uses Fake npm Progress Bars to Phish Sudo Passwords

ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers...

AI score: 5.8, Exploits: 0

HackRead
added 2026/03/25 12:14 p.m., 3 views

Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam

OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets...

AI score: 5.8, Exploits: 0