eWeek

How to Defend Against Deadly Integer Overflow Attacks

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...

Truebit exploit exposes smart-contract flaw behind $26M token mint

The $26 million Truebit hack occurred due to a smart contract vulnerability related to a prior version of Solidity, according ...
Threat Post

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library. Researchers have identified seven vulnerabilities in the LibXL C library, ...
Threat Post

Critical Flaws in VNC Threaten Industrial Environments

Some of the bugs allow remote code-execution. The open-source Virtual Network Computing (VNC) project, often found in industrial environments, is plagued with 37 different memory-corruption ...
GIGAZINE

Pointed out that there is a flaw in the ``CVE'' system that assigns IDs to vulnerabilities and manages them

When a vulnerability that becomes an information security flaw is discovered, it is given an identification ID called CVE (Common Vulnerabilities and Exposures), evaluated for severity, and listed.
ITWire

Behind the screen: three vulnerabilities in RenderDoc

GUEST OPINION: The Qualys Threat Research Unit (TRU) has discovered three vulnerabilities in RenderDoc. This blog will delve into the details of these three newly discovered vulnerabilities found ...