Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack Your fortnightly rundown of AppSec vulnerabilities, new ha... 2023-2-11 00:30:6 | 阅读: 18 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security development analysis swig

OAuth ‘masterclass’ crowned top web hacking technique of 2022 Adam Bannister10 February 2023 at 14:56 UTC Updated: 10 February 2023 at 16:10 UTC... 2023-2-10 22:56:50 | 阅读: 20 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net kettle injection portswigger rosén memcached

Radio silence from DMS vendor quartet over XSS zero-days No response or patch yet forthcoming from providers of vul... 2023-2-10 19:55:43 | 阅读: 15 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net dms rapid7 attacker severe

New XSS Hunter host Truffle Security faces privacy backlash Adam Bannister09 February 2023 at 17:12 UTC Updated: 22 February 2023 at 15:09 UTC... 2023-2-10 01:12:41 | 阅读: 10 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security truffle anonymized xsshunter bryant

Second UK Computer Misuse Act consultation reflects ‘very little progress’ Adam Bannister08 February 2023 at 17:02 UTC Updated: 09 February 2023 at 10:09 UTC... 2023-2-9 01:2:6 | 阅读: 7 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security cma statutory faith

Top 10 web hacking techniques of 2022 Published: 08 February 2023 at 14:20 UTC... 2023-2-8 22:20:30 | 阅读: 69 | 收藏 | PortSwigger Research - portswigger.net security nominations desync poisoning client

DOM XSS vulnerability in Gartner Peer Insights widget patched Charlie Osborne08 February 2023 at 13:42 UTC Updated: 20 February 2023 at 12:31 UTC... 2023-2-8 21:42:19 | 阅读: 11 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net widget steven security victim postmessage

Toyota sealed up a backdoor to its global supplier management network Adam Bannister07 February 2023 at 17:34 UTC Updated: 14 February 2023 at 11:15 UTC... 2023-2-8 01:34:8 | 阅读: 8 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net toyota zveare shi gspims security

Google engineers plot to mitigate prototype pollution Plan to create boundary between JavaScript objects and the... 2023-2-6 23:57:39 | 阅读: 7 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net proposal pollution blueprints tc39 stage

Serious security hole plugged in infosec tool binwalk Adam Bannister03 February 2023 at 16:36 UTC Updated: 17 February 2023 at 13:20 UTC... 2023-2-4 00:36:49 | 阅读: 7 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net binwalk kaiser security pfs reverse

Truffle Security relaunches XSS Hunter tool with new features Popular hacking aid now available with CORS misconfig dete... 2023-2-2 23:8:23 | 阅读: 8 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security truffle ayrey xsshunter

Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’ Charlie Osborne01 February 2023 at 12:18 UTC Updated: 17 February 2023 at 13:10 UTC... 2023-2-1 20:18:8 | 阅读: 12 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net lexmark geissler security printer offered

Bug Bounty Radar // The latest bug bounty programs for February 2023 Adam Bannister31 January 2023 at 15:13 UTC Updated: 28 February 2023 at 18:00 UTC... 2023-1-31 23:13:57 | 阅读: 11 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net reward publicmax xchange security

Tell us what you think: The Daily Swig reader survey 2023 Jessica Haworth29 January 2023 at 14:03 UTC... 2023-1-29 22:3:40 | 阅读: 8 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security burp draw swag readers

Deserialized web security roundup: ‘Catastrophic cyber events’, another T-Mobile breach, more LastPass problems Adam Bannister27 January 2023 at 16:48 UTC Updated: 27 February 2023 at 15:33 UTC... 2023-1-28 00:48:16 | 阅读: 7 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security swig github

Burp Suite roadmap update: January 2023 Matt Atkinson |27 January 2023 at... 2023-1-27 22:48:49 | 阅读: 38 | 收藏 | PortSwigger Blog - portswigger.net burp roadmap wip client

Facebook two-factor authentication bypass issue patched Emma Woollacott27 January 2023 at 11:50 UTC Updated: 17 February 2023 at 14:20 UTC... 2023-1-27 19:50:0 | 阅读: 12 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net facebook attacker security bypass victim

Packetlabs Ltd delivers advanced testing capabilities with Burp Suite Certified Practitioners Emma Stocks |27 January 2023 at 1... 2023-1-27 19:11:24 | 阅读: 29 | 收藏 | PortSwigger Blog - portswigger.net burp testers packetlabs ltd denis

Ruby on Rails apps vulnerable to data theft through Ransack search Several applications were vulnerable to brute-force attack... 2023-1-27 01:27:49 | 阅读: 7 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net ransack security euler rails association

Trellix automates tackling open source vulnerabilities at scale Charlie Osborne26 January 2023 at 13:52 UTC Updated: 26 January 2023 at 13:55 UTC... 2023-1-26 21:52:42 | 阅读: 10 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net trellix schulz python repository tarfile