Two researchers have recently discovered an authorization-bypass bug in the popular NextJS framework by Vercel. Tracked as CVE-2025-29927
Tomer Filiba | 2 min read
A new set of high-severity vulnerabilities, collectively dubbed IngressNightmare, has been discovered by Wiz. Sweet keeps you secure.
Tomer Filiba | 1 min read
On Friday, a supply chain attack compromised the widely used GitHub Action tj-actions/changed-files, exposing secrets from numerous repos.
Tomer Filiba | 2 min read
The recent XZ (liblzma) supply-chain attack is a marvel of social engineering and a great example of evading detection under the many-eyes..
Tomer Filiba | 2 min read
Bleeping Computer has recently reported on a new vulnerability within Ghostscript, a widely used library for handling PostScript and PDF file
Tomer Filiba | min read
Yesterday, a new set of vulnerabilities (CVE-2024-47076, CVE-2024-47175/6/7) was discovered on Linux’s Common UNIX Printing System...
Tomer Filiba | 3 min read
We’re excited to announce that Sweet Security has officially released CandyStore – an extremely fast open source key-value store
Tomer Filiba | 2 min read