The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...
InfoWorld

The Java serialization algorithm revealed

Serialization is the process of saving an object’s state to a sequence of bytes; deserialization is the process of rebuilding those bytes into a live object. The Java Serialization API provides a ...
InfoWorld

How to work with serialization in .Net

Serialization converts an object's state into a stream of bytes so that it can be persisted in a permanent or temporary storage medium When working with applications, you’ll often need to store data ...
Dark Reading

Why The Java Deserialization Bug Is A Big Deal

A recent blog post by FoxGlove Security that described remotely executable exploits against several major middleware products including WebSphere, WebLogic, and JBoss has focused attention on what ...
CSOonline

Java deserialization vulnerabilities explained and how to defend against them

Java provides a means to conveniently serialize data to maintain its integrity as it's sent over a network. Attackers can exploit vulnerabilities in the deserialization process if there aren't ...