Git security vulnerabilities prompt updates
Windows users at highest risk from security bugs in software development tool [...]
Showing only posts in The Daily Swig. Show all posts.
African banking sector targeted by malware-based phishing campaign
Attackers use HTML smuggling techniques to hide malicious files in fake job opportunities [...]
Internal AWS credentials swiped by researcher via SQL payload
Amazon cloud service acts quickly to close security hole in RDS [...]
OpenSSH 9.0 bakes in post-quantum cryptography to future proof against attacks
Protection offered against ‘capture now, decrypt later’ attacks [...]
TruffleHog v3: API key leak detection tool adds support for more than 600 types
Third version of the open source software comes with significant upgrades [...]
Access control vulnerability in Easy!Appointments platform exposed sensitive personal data
Unprotected API could expose names, places, times of bookings made using app [...]
Attackers are abusing Spring4Shell vulnerability to spread Mirai botnet malware
Spring is sprung [...]
PacketStreamer: New tool can aid research by revealing potential hacking behaviors
Utility can be used to “indicate the presence of an adversary or the progress of an attack” [...]
Third member of FIN7 cybercrime gang jailed over card skimming scheme
US authorities sentence pen tester to five years in prison [...]
Command injection bug patched in Ruby library for converting AsciiDoc files
Ruby server RCE bug gets quashed [...]
VMware patches critical flaws in Workspace ONE Access identity management software
Virtual reality [...]
Wake-up call: Is the infosec skills gap causing a mental health crisis?
Increasing workloads are causing depression and anxiety among frontline security staff, report claims [...]
Apple paid out $36,000 bug bounty for HTTP request smuggling flaws on core web apps – research
Queue poisoning attacks allegedly put accounts at risk of takeover [...]
Authorities seize Hydra servers in bust against darknet cybercrime marketplace
Wretched hive of villainy shut down [...]
UK retailer The Works blames store closures on POS problems following cyber-attack
Discount chain is working to restore stock deliveries [...]
Spring4Shell: Microsoft, CISA warn of limited, in-the-wild exploitation
The impacted vendor list has also increased [...]
US government launches Bureau of Cyberspace and Digital Policy to enhance cybersecurity across nation
Department will be tasked with addressing the security challenges and opportunities associated with cyberspace [...]
Trend Micro warns of active attacks against Apex Central console
Scramble to patch security dashboard [...]
Singaporean cybersecurity agency launches certification scheme for businesses
Program comprises separate security marks aimed at SMEs and enterprises [...]
Supply chain flaws in PHP package manager PEAR lay undiscovered for 15 years
PEAR was ripe for exploitation via cryptographic flaw and bug in outdated dependency [...]
Trezor cryptocurrency wallets targeted with phishing attacks following Mailchimp compromise
Company claims false data breach emails were spread via newsletters [...]
Cisco software update blocks exploit chain in network management software
Patches released for Nexus Dashboard Fabric Controller vulnerabilities [...]
Bug Bounty Radar // The latest bug bounty programs for April 2022
New web targets for the discerning hacker [...]
GitLab addresses critical account hijack bug
Monthly release also addresses pair of stored XSS flaws [...]
PHP bug allows attackers to bypass domain filters, stage DoS attacks against servers
Filter bypass flaw is triggered only on very large user input, which puts restrictions on its exploitability [...]
« newer articles | page 17 | older articles »