NIST says CVE-2022-42889 in Apache Commons Text has been modified [300 words] What: NIST has updated its entry in the National Vulnerability Database pertaining to the Text4Shell vulnerability in Apache Commons Text…
Tag: nist
Newly disclosed vulnerability in PHP package repository highlights growing software supply chain risks
Key takeaway: Attackers are increasingly trying to infiltrate software development environments via malicious and poisoned packages on public code repositories. Robust SBOM and SCA practices are key to mitigating the threat [289…