'Spring4Shell' bug in framework for Java programming draws widespread warnings
Web applications created in the Spring platform could leave users open to remote code execution, CISA and others are warning.
White House hosts open-source software security summit in light of expansive Log4j flaw
The meeting will combine tech leaders with feds.
US Cyber Command, CISA warn of hackers exploiting critical VMware flaw
The move to the cloud has only increased the value of flaws in code built by VMware and other vendors.
Russia’s SVR spy agency scanned for Microsoft Exchange Server bug, UK and US say
It’s the third time in a month that U.S. officials have published information on hacking techniques allegedly used by the SVR.
Tech titans throw weight behind WhatsApp allegations in NSO surveillance lawsuit
Major firms are joining ranks against NSO.
NSA warns defense contractors of potential SolarWinds fallout
In this case, the issue is a separate vulnerability that can be exploited in concert with the SolarWinds problem.