Spring Developers Have a Blindspot When It Comes to Container Security

BellSoft announces the publication of a new report, “Security in the Blind Spot: What Spring Developers Don't Know About Their Own Containers,” including the results of a survey of developers ...
Bleeping Computer

New Spring Java framework zero-day allows remote code execution

A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, allowing unauthenticated remote code execution on applications. Spring is a very ...
Dark Reading

Zero-Day Vulnerability Discovered in Java Spring Framework

A zero-day vulnerability found in the popular Java Web application development framework Spring likely puts a wide variety of Web apps at risk of remote attack, security researchers disclosed on March ...