PrestaShop websites vulnerable to major SQL Injection attacks
PrestaShop websites are reported vulnerable to a major SQL Injection vulnerability (tracked as CVE-2022-36408) and have been exploited in the wild since July 2022.
SQLi
Adobe releases security updates for Magento (APSB20-59)
Magento has released security updates to address vulnerabilities in Magento Commerce and Magento Open Source.
VMware patches VeloCloud SQL-injection vulnerability (CVE-2020-3973)
VMware has released a patch for a high severity SQL-injection vulnerability CVE-2020-3973 in VMware SD-WAN by VeloCloud (VeloCloud).
Adobe patches Magento vulnerabilities
Adobe has released security updates that fix multiple vulnerabilities in Magento Commerce and Open Source editions.
OWASP API Security Top 10 2019
The Open Web Application Security Project (OWASP) has released its OWASP API Security Top 10 2019. This is the first version of the API Top 10. OWASP will likely update the guidelines every three to fours years, similar to the other OWASP Top 10 series.
The 2018 Data Breach Investigations Report (DBIR) is Out
This year’s Verizon 2018 Data Breach Investigations Report (DBIR) includes over 53,000 security incidents, 2,216 confirmed data breaches across 65 countries worldwide. Verizon published the 11th edition of the DBIR with help from 67 contributors.