News

ZDNet6y
Deserialization issues also affect Ruby, not just Java, PHP, and .NET
deserialization. Serialization is the process of converting a data object into a binary format so it can be sent over a network, stored inside a database, or saved on disk. As you might imagine ...
CSOonline3y
APT group hits IIS web servers with deserialization flaws and memory-resident malware
In programming, serialization is the process of converting data into a stream of bytes, usually to transmit it over the wire. Deserialization is the reversal of that process and like with most ...
CSOonline2mon
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
A flaw in code for handling Parquet, Apache’s open-source columnar data file format, allows attackers to run arbitrary code on vulnerable instances. The vulnerability, tracked as CVE-2025-30065 ...
WPRI 121y
HiddenLayer Uncovers Deserialization Vulnerability in Open-Source Programming Language, R
This can be exploited through the loading of RDS (R Data Serialization ... Vulnerability in R's Deserialization." Following our responsible disclosure process, HiddenLayer worked closely with ...