The Hacker News

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds fixed six Web Help Desk vulnerabilities, including four critical flaws that allow unauthenticated remote code ...
IEEE

LiteCobra: Enhancing Java Deserialization Vulnerability Detection with Call Graph Pruning

Abstract: Java deserialization vulnerabilities have become a critical security threat, challenging to detect and even harder to exploit due to deserialization's flexible and customizable nature.
SecurityWeek

SAP Patches Critical Vulnerabilities in NetWeaver, Print Service, SRM

Business software maker SAP on Tuesday announced the release of 16 new and updated patch notes as part of its monthly rollout, including three fresh notes that address critical-severity ...
CSOonline

SolarWinds fixes Web Help Desk patch bypass for actively exploited flaw — again

‘Third time’s the charm?’ asks a prominent security researcher after what appears to be the same critical Java deserialization flaw gets a third security update. SolarWinds has released a third patch ...
InfoWorld

10 Java-based tools and frameworks for generative AI

Java is not the first language most programmers think of when they start projects involving artificial intelligence (AI) and machine learning (ML). Many turn first to Python because of the large ...
CSOonline

Critical deserialization bugs in Adobe, Oracle software actively exploited, warns CISA

CISA is warning Adobe and Oracle customers about in-the-wild exploitation of critical vulnerabilities affecting the services of these leading enterprise software providers. The US cybersecurity ...
GitHub

Fake MySQL

The FakeMySQL module is similar to the JNDI module. This module enables MySQL JDBC deserialization. JNDI passes the token through the LDAP parameters, while FakeMySQL passes the token through the ...
InfoWorld

Can Java rival Python in AI development?

Can Java give Python a run for its money in the burgeoning, trendy AI space? While Python still gets top billing when it comes to developing for AI, Java proponents see the nearly 30-year-old Java ...
Infosecurity-magazine.com

SolarWinds Urges Upgrade After Revealing Critical RCE Bug

IT management software provider SolarWinds has urged customers to immediately patch a critical vulnerability in its Web Help Desk platform. CVE-2024-28986 is a Java deserialization remote code ...
Dark Reading

SolarWinds: Critical RCE Bug Requires Urgent Patch

SolarWinds is urging its customers to patch a critical vulnerability that was discovered in its Web Help Desk platform, tracked as CVE-2024-28986. This vulnerability is a Java deserialization remote ...
SecurityWeek

SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability

SolarWinds has released a hotfix for a critical Java deserialization remote code execution vulnerability in Web Help Desk. SolarWinds has released a hotfix to address a critical-severity vulnerability ...