SAP Patches Critical Command Injection Vulnerabilities

March 12, 2024 at 02:04PM SAP released 10 new and two updated security notes as part of its March 2024 Security Patch Day, addressing serious bugs in business-facing products. Three “hot news” notes resolve critical vulnerabilities in the Chromium browser, the lodash utility library, and a code injection flaw in the NetWeaver AS Java. The … Read more

Bitwarden adds passkey support to log into web password vaults

January 11, 2024 at 02:41PM Bitwarden password manager now allows users to log into their web vaults using passkeys, a more secure and phishing-resistant alternative to traditional passwords. The implementation relies on the PRF WebAuthn extension for encryption and decryption. Users can register passkeys using a hardware security key, increasing security without sacrificing convenience. The … Read more