Auth0 fixes RCE vulnerability in popular JsonWebToken library
The fix mitigates a remote code execution (RCE) vulnerability in a library that's used for 22,000 projects.
Authentication and authorization services provider Auth0 has fixed a remote code execution vulnerability in the 'JsonWebToken' open-source library. As reported by BleepingComputer, the fix... Read more
Researcher uses 379-year-old algorithm to crack crypto keys
The method used was first introduced by a French mathematician in the 1600's.
Cryptographic keys generated with older software now owned by technology company Rambus are weak enough to be broken instantly using commodity hardware, according to a report in Ars Technica. The revelation was made by... Read more
‘One-third of websites still don’t use https encryption’
According to a monthly survey by security researcher Scott Helme, one-third of the largest global websites do not use https encryption.
In his research for November 2021, researcher Scott Helme focuses on techniques that ensure the security of websites. He used a crawler to examine the 1 million... Read more