Dark Reading

JsonWebToken Security Bug Opens Servers to RCE

A high-severity vulnerability (CVE-2022-23529) has been discovered in the popular JsonWebToken (JWT) open source encryption project, which could be used by attackers to achieve remote code execution ...
Threat Post

Critical Vulnerabilities Affect JSON Web Token Libraries

Critical vulnerabilities exist in several JSON Web Token (JWT) libraries – namely the JavaScript and PHP versions – that could let an attacker bypass the verification step. Critical vulnerabilities ...
Infosecurity-magazine.com

Researchers Find Security Flaw in JsonWebToken Library Used By 20,000+ Projects

A new high-severity vulnerability has been found in the popular JsonWebToken open-source JavaScript package. By exploiting the flaw, an attacker could perform remote code execution (RCE) on a server ...
InfoWorld

How AI will improve API security

APIs have become the crown jewels of organizations’ digital transformation initiatives, empowering employees, partners, customers, and other stakeholders to access applications, data, and business ...
Dark Reading

Popular WAFs Subverted by JSON Bypass

Web application firewalls (WAFs) from five major vendors are vulnerable to malicious requests that use the popular JavaScript Object Notation (JSON) to obfuscate database commands and escape detection ...