An update for the Node.js framework includes fixes for DNS rebinding and HTTP smuggling vulnerabilities.
Three serious flaws, including an authentication bypass, a shared hard-coded encryption key, and an open redirect, have been patched in the SonicWall SMA 1000 SSL VPNs.
Lamsweeper has patched three SQL injection bugs and a cross-site scripting bug in its popular IT asset management platform.
Chris Eng of Veracode joins Dennis Fisher to talk about the company's new State of Software Security report and what's driving the increase in enterprises scanning their apps for vulnerabilities.
A bug in many version of the Rust programming language could allow an attacker to trick a program into deleting files and directories.