In the News

Featured

10/27/2022

Two cybersecurity champions to exit Congress

In January, Congress will lose two cybersecurity champions, with both Rep. Jim Langevin and Sen. Rob Portman retiring after the midterm elections.

12/02/2022

Pentagon moves to beef up cybersecurity

The Department of Defense will move to a so-called zero-trust cybersecurity model by 2027.

12/01/2022

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems.

12/01/2022

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

Though there have been fewer than expected publicly reported attacks involving the vulnerability.

11/30/2022

Developers Warned of Critical Remote Code Execution Flaw in Quarkus Java Framework

Available since 2019, Quarkus is an open source Kubernetes-native Java framework designed for GraalVM and HotSpot virtual machines.

11/30/2022

Critical Quarkus Flaw Threatens Cloud Developers With Easy RCE

Red Hat has issued patches for a bug in an open source Java virtual machine software that opens the door to drive-by localhost attacks.

11/30/2022

New Financial Assistance Program For Open Source Developers Makes Its Way

The new program to provide financial assistance to open source developers has been announced by Contrast Security. Through the program, more than $15,000 will be distributed to support activities.

11/30/2022

Zero-Day Flaw Discovered in Quarkus Java Framework

A high-severity zero-day vulnerability has been discovered in the Red Hat build of Quarkus.

11/29/2022

Contrast Security announces new program to financially support open source developers

Contrast Security has announced a new sponsorship program to support open source developers. 

11/29/2022

Localhost attack against Quarkus developers | Contrast Security

While preparing a talk for the recent DeepSec Conference about attacking the developer environment through drive-by localhost, I reviewed some popular Java frameworks to see if they were vulnerable.

11/29/2022

OpZero’s modus operandi: opportunity hunter, front for Kremlin, or both?

OpZero, a Russian company, is a fairly new player in the market of zero-day exploits.

11/28/2022

Could “The New Twitter” Run Into Issues With GDPR One Stop Shop Rule? Irish DPC Source Indicates Staffing Situation May Be a Problem

Elon Musk’s takeover of Twitter has come with sweeping changes to the company’s structure.

11/23/2022

Hidden Russian Software in Thousands of Apps Sparks Fears of Online Activity Tracking, Prompts Ban by US Army

A piece of Russian software buried in thousands of apps has raised concerns in some government agencies.
