InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
SecurityWeek

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

A researcher analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...