CIO

PayPal is the latest victim of Java deserialization bugs in Web apps

PayPal has fixed a serious vulnerability in its back-end management system that could have allowed attackers to execute arbitrary commands on the server and potentially install a backdoor. The ...
Computerworld

The Java serialization algorithm revealed

The Java Serialization API provides a standard mechanism for developers to handle object serialization. In this tip, you will see how to serialize an object, and why serialization is sometimes ...
CSOonline

Attackers hide malicious code in Hugging Face AI model Pickle files

The popular Python Pickle serialization format, which is common for distributing AI models, offers ways for attackers to inject malicious code that will be executed on computers when loading models ...