Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
heise online

Access control systems: dormakaba fixes partly critical security vulnerabilities

The Swiss manufacturer of security and locking systems, dormakaba, has fixed several, partly critical, security vulnerabilities in its products. The fixes were preceded by a years-long reporting and ...