ZDNet

Deserialization issues also affect Ruby, not just Java, PHP, and .NET

The Ruby programming language is impacted by a similar "deserialization issue" that has affected and wreaked havoc in the Java ecosystem in 2016; an issue that later also proved to be a problem for ...
PC World

PayPal is the latest victim of Java deserialization bugs in Web apps

PayPal has fixed a serious vulnerability in its back-end management system that could have allowed attackers to execute arbitrary commands on the server and potentially install a backdoor. The ...
SecurityWeek

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability

SolarWinds announced a hotfix for RCE vulnerability in Web Help Desk, and this is the third time it attempts to address the ...
CSO Online

SolarWinds fixes Web Help Desk patch bypass for actively exploited flaw — again

Third time’s the charm?’ asks a prominent security researcher after what appears to be the same critical Java deserialization ...
InfoWorld

Java XML and JSON: Document processing for Java SE, Part 2: JSON-B

In this article, we’ll continue exploring XML and JSON in Java 11 and beyond. Examples in this article will introduce you to JSON-B, the JSON Binding API for Java. After a quick overview and ...
Threat Post

ColdFusion Hotfix Resolves XSS, Java Deserialization Bugs

Adobe released an important security hotfix for several versions of Coldfusion, resolving two bugs, Tuesday morning. Adobe today released an important security hotfix for several versions of its ...

Third time's the charm? SolarWinds (again) patches critical Web Help Desk RCE

Then in October 2024, SolarWinds disclosed and tried to patch CVE-2024-28988, another 9.8-rated Web Help Desk Java ...