Recently, NGINX has disclosed a zero-day vulnerability. Around the same time, Microsoft has disclosed another critical vulnerability - Windows RPC RCE vulnerability. in this post, you can find out who's at risk of these two issues and how we can mitigate the risk.
Psychic Signature vulnerability lies in the crypto for ECDSA signatures, which protects systems for critical tasks like authentication. Hackers can bypass any signature check with this vulnerability. We will explain what it is and how to mitigate it in this post.
At the beginning of October, Apache released version 2.4.49 to fix a Path Traversal and Remote Code Execution vulnerability and then 2.4.50 to address the fact that the fix was incomplete. We’ve built a mission to demonstrate the risks in a real-life environment. Try it out now.
Recently, Spring libraries, one of the most popular libraries in the Java community, disclosed 2 vulnerabilities related to Remote Code Execution (RCE). We’ve broken down the known details for “Spring4Shell” and “Spring Cloud Function” to help you understand if you're at risk and what to do if you are.