The Spring Framework vulnerability – made public on March 29, 2021 – was caused by unforeseen access to Tomcat’s ClassLoader as a result of the new Module feature added in Java 9.
Read full article on Veracode
Just Because You Don’t Use Log4j or Spring Beans Doesn’t Mean Your Application is Unaffected
- Bloke behind Helix Bitcoin launderette jailed for three years, hands over $400M
- Letting chatbots run robots ends as badly as you’d expect
- ANZ CIO Challenges: AI, Cybersecurity & Data Analytics for 2025
- Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit
- Drinking water systems for 26M Americans face high cybersecurity risks