Security

Last year, Github acquired the code analysis platform Semmle and now we can see this acquisition in practice : a new code scanning security feature have just been rolled out for...

Hope you will are not coming to this page the day you are hit by a malware ! Because the day you discover that your server is compromised by a malware...

A very serious security issue that has been long standing with PHP have been quietly fixed without being noticed until it was submitted to the OSS security mailing list. The vulnerability...

SourceGuardian 12 have just been released with full support of all the new PHP 8 language features. The new version now supports PHP 8 encoding, in addition to named parameters, attributes, union...

CipherSweet is a backend library developed by Paragon Initiative Enterprises for implementing searchable field-level encryption. The library come to answer the question "How do we securely encrypt database fields but still use these fields in...

Two months only remaining for PHP5 to get security releases before its official end of life. The version 5 of PHP is powering the web since 2014, however it is no...

Paragon Initiative Enterprises shared an interesting piece to Cryptographically Secure PHP Development. The article could be considered as additional resources to rules for programming cryptography code in C and point to...

Wordfence disclosed this week multiple vulnerabilities patched in the popular Responsive Menu WordPress plugin that exposed more than 100,000 sites to takeover attacks. The three vulnerabilities revealed grant attackers the ability...

Essential PHP Securityby Chris ShiflettChris Shiflett have just announced the launch of PHPSecurity.org, the companion web site for his new book, Essential PHP Security. I have already announced the launch of...

Fabien Potencier have just published a new security issue CVE-2018-19789 related to the disclosure of uploaded files full path that affect versions 2.7.0 to 2.7.49, 2.8.0 to 2.8.48, 3.0.0 to 3.4.19,...