A four-year old Microsoft Azure App Service 0-day vulnerability dubbed “NotLegit” affects hundreds of source code repositories.
PHP maintainer Nikita Popov has published new details regarding the likely cause of a recent PHP source code compromise and insert of malicious code.
Drupal has released a security update that fixes two Critical arbitrary PHP code execution vulnerabilities (CVE-2020-28949 and CVE-2020-28948) in multiple versions of Drupal.
Drupal has released a security update that fixes a Critical RCE vulnerability CVE-2020-13671 in multiple versions of Drupal.
Developers have updated the WordPress plugin File Manager to fix a critical vulnerability that could have allowed hackers to gain complete access to nearly 700 thousand WordPress websites.
Adobe has released security updates that fix multiple vulnerabilities in Magento Commerce and Open Source editions.
A recently patched vulnerability in newer versions of the PHP programming language is being exploited in the wild. The remote code execution (RCE) bug could allow an attacker to take over NGINX servers.
WordPress 5.1.1 security and maintenance release is now available. The update released on Wednesday includes 14 fixes and enhancements.
Attackers are using a variant of the infamous Mirai IoT botnet dubbed “Miori” to exploit a Remote Code Execution (RCE) vulnerability in ThinkPHP, a free open-source PHP framework.
The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a security advisory that addresses multiple PHP vulnerabilities.