Application Security

Git tool patches serious vulnerabilities

repository hosting services GitHub, GitLab and Microsoft VSTS were all impacted by a serious vulnerability that could lead to arbitrary code execution when a developer uses a malicious repository, Threatpost reports. Each of the hosting services patched the bug on Tuesday.

Git tool patches serious vulnerabilities Read More »

Thousands of malicious apps use Facebook APIs

Security firm Trustlook has found at least 25,936 malicious apps using one of Facebook’s APIs, such as a login API or messaging API. Such malicious apps could then use and abuse a range of Facebook login profiles, such as name, location and email address, according to recent blog post.

Thousands of malicious apps use Facebook APIs Read More »

GitHub scans and finds 4M vulnerabilities

GitHub ran a security scan to find old vulnerabilities in JavaScript and Ruby libraries in over a half million public repositories. The scan results turned up over four million vulnerabilities and sent alerts to developers to patch the bugs. GitHub is leading software development platform used to host, review and manage software source code, used by millions of developers.

GitHub scans and finds 4M vulnerabilities Read More »

Apple’s iPhone ‘iBoot’ source code leak

Someone has posted to GitHub the purported source code for a critical component for iPhone’s bootloader or “iBoot.” Access to iBoot code could allow hackers to find vulnerabilities in iOS that could be exploited in the future. iBoot is responsible for ensuring the trusted boot of the mobile operating system, in a sense like iPhone’s BIOS.

Apple’s iPhone ‘iBoot’ source code leak Read More »