Multiple vulnerabilities have been discovered in Jenkins plugins that could lead to information disclosure. The three affected plugins are Swarm, Ansible and GitLab.
Security researchers from Trend Micro have uncovered a Magecart skimming attack that targeted 201 online campus stores in the United States and Canada.
Facebook provided an update to a previously disclosed incident involving insecurely storing “tens of thousands” of Instagram users’ passwords on internal servers in clear text. Facebook now says that “millions” of Instagram accounts are now impacted.
The Apache Software Foundation has released new Apache Tomcat versions and mitigations to address a remote code execution (RCE) vulnerability.
Multiple VPN applications are vulnerable to not properly encrypting sensitive data and insecurely storing session cookies.