Security news aggregator

Latest coverage for .NET

.NET is Microsoft's software development platform, and flaws in its runtimes or libraries can expose applications and services to attack.

1 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

.NET is Microsoft’s software-development platform: a runtime, standard libraries, language support, and application frameworks used to build web services, APIs, desktop software, and other applications. The name covers modern, cross-platform .NET as well as the older Windows-focused .NET Framework, which have different release and support paths and should be distinguished during vulnerability management.

Security exposure can arise in the runtime, ASP.NET request-handling components, application configuration, and third-party NuGet packages. Vulnerabilities may enable code execution, denial of service, or unauthorized access when affected components are reachable or incorrectly used; insecure deserialization and weak authentication or authorization are recurring application-level concerns. Operators should inventory the exact runtime and framework versions, apply supported security updates, monitor transitive dependencies, and remove obsolete components. Developers should use platform-provided cryptography and TLS appropriately, validate untrusted input, protect secrets outside source code, and configure authentication and authorization explicitly.

Showing 1 most recent headlines Filtered view

Global crypto payments gateway, CoinPayments.net is ceasing operations in the United States soon and has advised users to withdraw their assets before July 19th, 2022. The short notice given by the exchange via a private email left some customers suspecting if this was an "exit scam" or another mysterious incident. [...]