Tag: Open Source

Tech News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

Dec 26, 2025Ravie LakshmananAI Security / DevSecOps A critical security flaw has

Tech News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Cybersecurity researchers have disclosed details of a new malicious package on the

Tech News

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Dec 16, 2025Ravie LakshmananCybersecurity / Cryptocurrency Cybersecurity researchers have discovered a new

Tech News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been

Tech News

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

Dec 12, 2025Ravie LakshmananVulnerability / Server Security The U.S. Cybersecurity and Infrastructure

Tech News

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

Dec 05, 2025Ravie LakshmananApplication Security / Vulnerability A critical security flaw has

Tech News

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has

Tech News

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code

Tech News

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

The second wave of the Shai-Hulud supply chain attack has spilled over

Lost your password?