Recently in #security #news:

The Common Vulnerability Scoring System has been updated to include new #metrics and multiple scores for vulnerabilities, aiming to provide more nuance and accuracy in reporting. #CVSS

#OAuth, an authorization scheme, can be vulnerable to #attacks if access token validation is not properly implemented, allowing for the reuse of #tokens on different sites.

Apache's #ActiveMQ has a severe Remote Code Exploit #vulnerability that is actively being used in #ransomware attacks, and it is crucial for users to patch their systems to prevent compromise. #RCE

https://hackaday.com/2023/11/03/this-week-in-security-cvss-4-oauth-and-activemq/