Articles about developer

Stop us if you've heard this one: Remote code hijacking flaw in Apache Struts, patch ASAP

The Apache Foundation is urging developers to update their Struts 2 installations and projects using the code – after a critical security flaw was found in a key component of the framework. A warning this week from Apache reveals that devs should make sure their websites and other applications are running Struts versions 2.5. …
Shaun Nichols, 7 Nov 2018
Linus Torvalds with toy penguins

PC version of Linux 4.19 lands with PC version of Linus Torvalds: Kernel handed back to creator

Woke Linus Torvalds has returned from a four-week exile to once again steer the Linux kernel, the widely used software project he founded nearly 30 years ago. The American-Finnish ex-firebrand programmer is back as its official custodian, according to temporary lead Greg Kroah-Hartman in an announcement for version 4.19 of the …
Shaun Nichols, 22 Oct 2018
Man has panic attack in front of computer

jQuery? More like preyQuery: File upload tool can be exploited to hijack at-risk websites

A serious vulnerability in a widely used, and widely forked, jQuery file upload plugin may have been exploited for years by hackers to seize control of websites – and is only now patched. Larry Cashdollar, a bug-hunter at Akamai, explained late last week how the security shortcoming, designated CVE-2018-9206, allows a …
Shaun Nichols, 22 Oct 2018
Finding bugs in code

Patch me, if you can: Grave TCP/IP flaws in FreeRTOS leave IoT gear open to mass hijacking

Serious security flaws in FreeRTOS – an operating system kernel used in countless internet-connected devices and embedded electronics – can be potentially exploited over the network to commandeer kit. Simply sending specially crafted malicious data to a vulnerable gadget, over the internet or network, can be enough to crash or …
Shaun Nichols, 22 Oct 2018
Aeroflot flight crew and plane

Pain spotting: Russia's Aeroflot Docker server lands internal source code, config files on public internet

Exclusive Russian airline Aeroflot has exposed to the public internet the internal blueprints for its website, aeroflot.ru, The Register has learned. Specifically, the biz has left a Docker registry server open to all the world to see: if asked nicely, with no authentication, it will cough up compressed archives of the confidential …
Shaun Nichols, 26 Sep 2018
A businessman in handcuffs

Uncle Sam wants tech toolkit to snoop social media stock scammers

The US Securities and Exchange Commission (SEC) has put out a call for proposals on a new system that would be able to identify possible stock scams posted on Twitter, Facebook, and other social networks. The SEC posted the call last week with a September 11 deadline for proposals from developers on an application that would …
Shaun Nichols, 5 Sep 2018
Vote button

Voting machine maker vows to step up security, Fortnite bribes players to do 2FA – and more

Roundup Summer rolls on, Reg vultures are making the most of their hols before the September rush hits, and in the past week, we saw Lazarus malware targeting Macs, Adobe scrambling to get an emergency patch out, and Democrats losing their minds over a simple training exercise. Here's what else went down... SOLEO mission Researchers …
Shaun Nichols, 27 Aug 2018

Apple shocked, SHOCKED I tell you, to find gambling in its Chinese App Store

Apple has reportedly kicked off a mass removal of illegal lottery and gambling apps from the China version of its iOS App Store. Multiple reports indicate that the Cupertino phone seller has had to purge roughly 25,000 apps from the localized version of the store it offers on the Chinese mainland. Apple, per usual, did not …
Shaun Nichols, 20 Aug 2018
Online privacy image via Shutterstock

Mozilla-endorsed security plug-in accused of tracking users

A security plug-in for the Firefox browser is under fire after users discovered it was collecting and uploading their online activity. The outcry began after Mozilla featured the Web Security extension on its blog with a post titled "Make Your Firefox Browser a Privacy Superpower." The plug-in, developed by German company …
Shaun Nichols, 15 Aug 2018

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

Updated An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers' NPM login tokens. The open-source utility eslint-scope was altered by hackers so that, when used to analyze source code, it would copy the contents of the user's ~/.npmrc file to …
Shaun Nichols, 12 Jul 2018
Cartoon man with panicked expression

Et tu, Gentoo? Horrible gits meddle with Linux distro's GitHub code

If you have fetched anything from Gentoo's GitHub-hosted repositories today, dump those files – because hackers have meddled with the open-source project's data. The Linux distro's officials sounded the alarm on Thursday, revealing someone managed to break into its GitHub organization account to modify software and webpages …
Shaun Nichols, 28 Jun 2018

(Cryptographically) sign me up! Android to take bad app checks offline

Google says Android will no longer require an internet connection to check whether applications are legit or potentially malicious. From now on, the Play Store will embed metadata into apps' APKs that will be used to check whether or not the software is authentic, and confirm whether it came through the official Google souk or …
Shaun Nichols, 20 Jun 2018
Cats eyes behind a zip

Loose .zips sink chips: How poisoned archives can hack your computer

Video Booby-trapped archive files can exploit vulnerabilities in a swath of software to overwrite documents and data elsewhere on a computer's file system – and potentially execute malicious code. Specifically, the flaws, dubbed "Zip Slip" by its discoverers at security outfit Snyk, are path traversals that can potentially be …
Shaun Nichols, 5 Jun 2018
women laughing

DevOps: Social, cooperative... It's gotta be really diverse, right?

I've been working in tech for nearly 25 years and I'm currently involved in DevOps – a mashup of operations and development that works well with cloud infrastructure. "Is DevOps more diverse than other areas of tech?" The Register asked me one day. There's certainly a perception that it is – with a seemingly higher-than-usual …
Anne Currie, 1 May 2018
Couple shocked by something on a smartphone

Oh dear... Netizens think 'private' browsing really means totally private

Netizens have the wrong idea about what their web browser's "private" or "incognito" mode actually does. This is according to researchers at the University of Chicago, in the US, and Leibniz University Hannover, in Germany, who this week declared that folks mistakenly believe that by enabling the incognito browsing mode, they …
Shaun Nichols, 24 Apr 2018
RSA history wall, photo: RSA

No way, RSA! Security conference's mobile app embarrassingly insecure

RSA has copped to a security vulnerability in the backend systems powering the smartphone app for its annual security conference, held this week in San Francisco, USA. Infosec expert "svbl" discovered and reported a privacy cockup in an API, which could be accessed by anyone with an RSA Conference account, to fetch the names …
Shaun Nichols, 20 Apr 2018
Promo poster for Runescape

The true victims of Brexit are poor RuneScape players

The creators of the popular online game RuneScape are raising subscription prices, and putting the blame on Nigel Farage and his Brexit buddies. Developers at UK-based Jagex say they are being forced to jack up the price for monthly game subscriptions in large part because of costs associated with the UK leaving the EU. …
Shaun Nichols, 12 Apr 2018
Woman thumbs down, image via Shutterstock

Developers dread Visual Basic 6, IBM Db2, SharePoint - survey

Stack Overflow’s annual survey has revealed the tools and tech that developers love to hate: Visual Basic 6, IBM Db2 and SharePoint. According to the poll, which took in the views of more than 100,000 devs, Rust is the most loved programming language for the third year running. It is closely followed by Kotlin, which makes its …
Rebecca Hill, 14 Mar 2018

Create a news alert about developer, or find more stories about developer.

Biting the hand that feeds IT © 1998–2018