Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack

Your biweekly summary of application security vulnerabilities, innovative hacking methods, and recent cybersecurity developments. KeePass has found itself in the spotlight following the identification of a suspected vulnerability that threatens its credibility. Security experts alerted that it may be feasible to create a trigger that extracts all data from the KeePass database in plain text,…

Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack

Your bi-weekly update on application security vulnerabilities, innovative hacking methods, and other essential cybersecurity information. KeePass has recently found itself under scrutiny regarding a reported vulnerability within its password management software. Security experts cautioned that a potential flaw could allow an attacker to trigger the export of all data from the KeePass database in plaintext…

Remote code execution flaw patched in Apache Kafka

Charlie Osborne, 15 February 2023 at 14:01 UTC. Updated: 17 February 2023 at 11:07 UTC.

New vulnerabilities related to remote code execution (RCE) and denial-of-service have been identified in Kafka Connect. UPDATED: The Apache Software Foundation (ASF) has addressed a critical vulnerability that could allow RCE attacks via Kafka Connect. This flaw, announced on February…

Remote code execution flaw patched in Apache Kafka

Charlie Osborne, 15 February 2023 at 14:01 UTC. Updated: 17 February 2023 at 11:07 UTC.

A critical vulnerability associated with remote code execution (RCE) and denial-of-service has been uncovered in Kafka Connect. UPDATE: The Apache Software Foundation (ASF) has addressed a vulnerability that can facilitate remote code execution (RCE) attacks through Kafka Connect. The…

HTTP request smuggling bug patched in HAProxy

Recent exploits have revealed potential vulnerabilities that may allow unauthorized access to backend servers. HAProxy, a widely used open source load balancer and reverse proxy, has addressed a vulnerability that could permit attackers to execute HTTP request smuggling attacks. By delivering a carefully crafted HTTP request, malicious actors could circumvent HAProxy’s filters, leading to unauthorized…

HTTP request smuggling bug patched in HAProxy

Recent vulnerabilities could give intruders access to backend servers. HAProxy, a well-known open source load balancer and reverse proxy, has corrected a vulnerability that could allow attackers to execute HTTP request smuggling attacks. An attacker could exploit this vulnerability by sending a specially crafted HTTP request, enabling them to circumvent HAProxy’s security filters and gain…

HTTP request smuggling bug patched in HAProxy

Recent exploitation techniques could allow attackers to gain access to backend servers. HAProxy, a widely used open source load balancer and reverse proxy, has addressed a vulnerability that could empower attackers to conduct HTTP request smuggling attacks. By carefully crafting an HTTP request, an attacker can potentially bypass HAProxy’s security measures, gaining unauthorized access to…

‘Most web API flaws are missed by standard security tests’ – Corey J Ball on securing a neglected attack vector

API security serves as an excellent entry point for those aspiring to embark on a career in penetration testing, as highlighted by an expert in the field. INTERVIEW – Protecting web APIs requires distinct strategies as conventional web application security approaches frequently overlook the prevalent vulnerabilities. According to Corey J Ball, an authority in API…

HTTP request smuggling bug patched in HAProxy

Vulnerabilities can lead to unauthorized access to backend servers. HAProxy, a widely used open-source load balancer and reverse proxy, has addressed a security vulnerability that allowed potential attackers to execute HTTP request smuggling attacks. An attacker could exploit this issue by sending a specially crafted HTTP request, evading HAProxy’s filters, and accessing backend servers without…
