The NuPoint Unified Messaging (NPM) module in Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201) is vulnerable to a path traversal attack caused by insufficient input validation. This vulnerability could be exploited by an unauthenticated attacker to gain unauthorized access to sensitive files, potentially allowing them to read, alter, or delete user data and critical system settings. The Mitel MiCollab Arbitrary File Read Vulnerability combines CVE-2024-41713 with another yet-to-be-assigned issue.

On December 2, 2024, the Solana community faced a significant security incident involving the @solana/web3.js npm package, a critical library for developers building on the Solana blockchain with over 450K weekly downloads. This blog post aims to break down the attack flow, explore how it happened, and discuss the importance of supply chain security.

Confluent Cloud is a Kafka–as-a-service solution that simplifies the deployment, scaling, and operation of Kafka clusters. A popular feature is its Apache Kafka connectors, which make it easy to connect your Kafka clusters to any of 120+ third-party streaming data sources and destinations.

We are beyond excited to share some fantastic news with our community: Jazzer is now fully open source again under the Apache 2.0 license!

Once upon a time, workers sat in offices, only used corporate desktops and crossed a single authentication checkpoint to access company resources kept snugly behind a protective barrier. The world has changed dramatically since then. Cloud and hybrid environments are vast and complex. Work happens anywhere and everywhere. Company employees, contractors, partners and other users interact daily with multiple endpoints—personal and company-owned—alongside SaaS applications and sensitive data.