Computerworld

PayPal is the latest victim of Java deserialization bugs in Web apps

PayPal has fixed a serious vulnerability in its back-end management system that could have allowed attackers to execute arbitrary commands on the server and potentially install a backdoor. The ...
Threat Post

Java Serialization Bug Crops Up At PayPal

PayPal has rewarded two researchers with bug bounties for the discovery of a Java serialization vulnerability in manager.paypal.com A Java serialization vulnerability disclosed more than a year ago ...
Infosecurity-magazine.com

SaaS SDKS Impacted by Java Vulnerability

Vulnerabilities can be tricky to detect. Identifying flaws in third-party and downline vendors can be even more difficult to detect, often because of the ways libraries interact with each other.
Semiconductor Engineering

Exploiting The Java Deserialization Vulnerability

In the security industry, we know that operating on untrusted inputs is a significant area of risk; and for penetration testers and attackers, a frequent source of high-impact issues. Serialization is ...