A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt ...

Abstract: Java deserialization vulnerabilities have become a critical security threat, challenging to detect and even harder to exploit due to deserialization's flexible and customizable nature.

A maximum-severity security flaw has been disclosed in React Server Components (RSC) that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as ...

How next-generation AI-driven traceability hubs can transform pharmaceutical serialization from a compliance requirement into a business advantage, while enabling real-time supply chain visibility, ...

On September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT’s License Servlet, which is tracked as CVE-2025-10035 and has a CVSS ...

Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection. Fortra has released patches for a critical-severity vulnerability in ...

Long-Term Support release, with features ranging from structured concurrency and compact object headers to ahead-of-time method profiling and JFR CPU-time profiling on Linux, is now generally ...

Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState ...

A critical Sitecore zero-day vulnerability is under active exploitation in the latest series of ViewState deserialization attacks this year. The vulnerability, tracked as CVE-2025-53690 and disclosed ...

SAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise. Enterprise software maker SAP on Tuesday announced the release of ...