Security Boulevard

How Tenable Found a Way To Bypass a Patch for BentoML’s Server-Side Request Forgery Vulnerability CVE-2025-54381

Tenable Research recently discovered that the original patch for a critical vulnerability affecting BentoML could be bypassed ...
Bleeping Computer

ShellTorch flaws expose AI servers to code execution attacks

A set of critical vulnerabilities dubbed 'ShellTorch' in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed servers, some of which belong to large ...
Bleeping Computer

PHP's Git server hacked to add backdoors to PHP source code

In the latest software supply chain attack, the official PHP Git repository was hacked and the code base tampered with. Yesterday, two malicious commits were pushed to the php-src Git repository ...
ZDNet

Facebook patches critical server remote code execution vulnerability

Facebook has resolved a serious security flaw within a company server which permitted the remote execution of code by threat actors. Security researcher Daniel 'Blaklis' Le Gall, from SCRT information ...