Application security news, updated daily (if there is any news to share).
Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly, send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.
CVE-2026-28215 lets unauthenticated attackers overwrite self-hosted Hoppscotch infrastructure config via POST /v1/onboarding/config, exposing OAuth credentials and plaintext secrets.
Anthropic is rolling out Claude Code Security in limited preview for Enterprise/Team plans, scanning codebases for vulnerabilities and suggesting patches with human approval.
Red Hat published RHSA-2026:2768, an Important security advisory updating RHEL 9.4 EUS nodejs:20 to address three Node.js vulnerabilities, including a DoS issue.