Steps to Responsible Disclosure with Bas van Schaik, Man Yue Mo and Brian Fox

By Mark Miller on March 20, 2018 Open Source

2 minute read time

In this episode of the OWASP 24/7 Podcast Series, I speak with the research team at Semmle on how they discovered the Pivotal Spring framework vulnerability.

Struts2 Vulnerability Cracks Equifax

By Derek Weeks on September 09, 2017 Software Supply Chain

3 minute read time

Equifax breach of 143 million consumer records linked to Struts2 open source vulnerability.

What you should know about the latest Struts2 Vulnerability (video and podcast)

By Mark Miller on September 08, 2017 OSS governance

1 minute read time

What you should know about the recent Struts 2 vulnerability announcements from September 2018.

A Struts2 Vulnerability Hurricane: Deserialization

By Derek Weeks on September 06, 2017 Struts

3 minute read time

Attackers are widely exploiting a new vulnerability in Apache Struts2 that allows them to remotely execute malicious code on web servers.