Application Security Blog - AppSec news, trends, tips and insights | Joseph Beeton, Senior Application Security Researcher, Contrast Security

X

AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Topics

Contrast discovers CSRF vulnerability in NSA’s SkillTree training platform that allows attackers to modify content

July 10, 2024 Joseph Beeton, Senior Application Security Researcher, Contrast Security

Contrast discovers CSRF vulnerability in NSA’s SkillTree training platform that allows attackers to modify content

Contrast Security discovers Netflix OSS Genie bug that can lead to RCE during file upload

May 22, 2024 Joseph Beeton, Senior Application Security Researcher, Contrast Security

Contrast Security discovers Netflix OSS Genie bug that can lead to RCE during file upload

Critical zero-day Confluence RCE vulnerability blocked by Contrast Runtime Security

January 26, 2024 Joseph Beeton, Senior Application Security Researcher, Contrast Security

Critical zero-day Confluence RCE vulnerability blocked by Contrast Runtime Security

Contrast discovers MLflow framework zero-day that threatens to poison machine language models

December 1, 2023 Joseph Beeton, Senior Application Security Researcher, Contrast Security

Contrast discovers MLflow framework zero-day that threatens to poison machine language models

Contrast Assess uncovers Spring-Kafka deserialization zero day

August 30, 2023 Joseph Beeton, Senior Application Security Researcher, Contrast Security

Contrast Assess uncovers Spring-Kafka deserialization zero day

Contrast discovers zero-day flaw in popular Quarkus Java framework

November 29, 2022 Joseph Beeton, Senior Application Security Researcher, Contrast Security

Contrast discovers zero-day flaw in popular Quarkus Java framework