Apache StreamPipes Flaw Lets Anyone Become Admin

Sometimes a breach doesn’t kick down the front door. It just changes the name on the badge.
Dark Reading

'Money Lover' Finance App Exposes User Data

A finance app called "Money Lover" has been found leaking user transactions and their associated metadata, including wallet names and email addresses. That’s according to Trustwave, which published ...
SiliconANGLE

Critical Atlassian Confluence flaw with vulnerability score of 10 draws federal warning

The U.S. Cybersecurity and Infrastructure Agency, the Federal Bureau of Investigation and the Multi-State Information Sharing and Analysis Center today released a Cybersecurity Advisory over a ...
SiliconANGLE

Patch now: Unauthenticated attackers target severe Atlassian Confluence vulnerability

A recently disclosed vulnerability in Atlassian Corp.’s Confluence Data Center and Server is being actively targeted in the wild and has been upgraded to a 10 on the Common Vulnerability Scoring ...
ZDNet

OWASP updates top 10 vulnerability ranking for first time since 2017

Nonprofit foundation Open Web Application Security Project (OWASP) has released an updated draft of its ranking of the top 10 vulnerabilities, the first changes to the list since November 2017. The ...