Featured Posts

Where Can I Find Detailed Information and Patches for Apache Struts Vulnerabilities?

A practical guide to locating official Apache Struts security advisories, CVE records, and supported patch options in 2026.

Why "Supported" ≠ "Secure" — And What EOL Really Means for Your Risk Profile

Most security programs assume that 'supported' means 'safe.' That assumption has a dangerous blind spot.

CVE-2026-27739: SSRF and Header Injection in Angular SSR Request Handling Pipeline

How Angular's URL reconstruction logic turned trusted headers into an attacker-controlled proxy

CVE-2026-27970: Cross-Site Scripting (XSS) in Angular i18n ICU Messages

How compromised translation files can execute arbitrary JavaScript in Angular applications using internationalization

Why Long-Term Support Isn’t Only an Enterprise Concern

Why small and mid-sized teams need long-term software support to stay secure, compliant, and focused on growth

My SCA Tool Flagged an EOL Component — What Now?

Your scanner shows green. Your dependency is abandoned. Here's how to understand the gap — and close it.

What the 2026 State of the Software Supply Chain Report Gets Right About End-of-Life Software

We partnered with Sonatype to quantify the EOL problem. Here's what the data actually showed — and what it means for your security program.

Dead Software Is the Vulnerability Your Scanner Misses. EOLDS Catches It — Free.

Introducing the End-of-Life Data Set (EOLDS), free End Of Life detection across 12 million+ packages.

Women Who Shaped Open Source—and Why Their Work Still Matters

How leadership in governance, security, and sustainability reshaped open source—and strengthened the foundation enterprises rely on.

Tomcat’s TLS Cipher Change and What it Means for Spring Boot Apps

How a Routine Tomcat Update Broke TLS Cipher Enforcement — and How We Fixed It

Stop Guessing What's Running in Production: A Fast Grails Estate Inventory

Five Commands to Understand Your Grails Technical Posture Before You Plan Anything

Which Grails Plugins Will Break Your Migration? Here's How to Find Out

A Practical Technical Guide to Mapping Plugin Risk Across Your Grails Services

Before You Migrate to Grails 7, You Need to Answer These Questions

What Your Plugin Footprint Reveals About Your Migration Risk

EOL Software Risk: Small Problem or Enterprise Crisis? Here's How to Tell

Whether you're managing one aging app or a hundred, end-of-life risk is real — but the size of your legacy estate changes everything about how you should respond.

When Node.js Reaches End of Life, Security Takes Over

Managing Security, Compliance, and Continuity in Enterprise Node.js