Roundcube Webmail Security Update Patches Critical Zero-Click XSS and SSRF Bypass Flaws

Roundcube has released version 1.7.2, a security-focused update that addresses multiple high-impact vulnerabilities, including a zero-click stored cross-site scripting (XSS) flaw and a server-side request forgery (SSRF) bypass. This update follows responsible disclosures from various security researchers and is strongly…

The new currency of enterprise velocity

For more than 20 years in this industry, the conversation around enterprise software procurement followed a highly predictable script. An organisation would buy a subscription for an open source solution, lock down a certified version, and effectively try never to…

WolfSSL, GeoVision, VTK vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in WolfSSF, fourteen in GeoVision, and one vulnerability in VTK-DICOM. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco’s third-party…