Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

Apr 15, 2025Ravie LakshmananVulnerability / Software Security A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a… 

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

Apr 15, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that’s designed to reroute trading orders placed on the MEXC cryptocurrency exchange…