SecurityWeek

From Open Source to OpenAI: The Evolution of Third-Party Risk

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how visibility and shift-left security reduce exposure.

Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of malicious code.
Opinion
Security BoulevardOpinion

Best of 2025: Oracle Breach: The Impact is Bigger Than You Think | Grip

Learn how the Oracle breach amplifies your risk from rogue cloud tenants plus how Grip helps organizations detect exposure and respond fast to mitigate risks.
GitHub

Log4j2 appender for Report Portal

To start using Report Portal log appending you need to include this library into your project dependencies according to your build system. sending a File object as a log4j log message. In this case a ...
InfoWorld

React2Shell is the Log4j moment for front end development

Attackers have upped the ante in their exploits of a recently-disclosed maximum severity vulnerability in React Server Components (RSC), Next.js, and related frameworks. Attackers initially exploited ...
InfoWorld

Get poetic in prompts and AI will break its guardrails

25 frontier proprietary and open-weight models yielded high attack success rates when prompted in verse, indicating a deeper, underlying problems in their ability to process ambiguity veiled in poetry ...
GitHub

OpenTelemetry Instrumentation for Java

This project provides a Java agent JAR that can be attached to any Java 8+ application and dynamically injects bytecode to capture telemetry from a number of popular libraries and frameworks. You can ...