Connect with us
NodeBB, a Node.js platform for creating forum applications, has patched a prototype pollution vulnerability that could allow attackers to impersonate other users and take over administrator accounts. The vulnerability was...
Giving Elon Musk a follow on Twitter? You might be shortlisted by scammers looking to defraud Elon’s newest followers. New Musk followers are being added to...
Steps towards building a defendable internet are possible, but to get there the industry needs to accept baseline security regulations and move away from a fixation...
MITRE ATT&CK is a knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK is open and available to any person or organization for use at...
Three vulnerabilities in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact server equipment used in many cloud service and data center providers. The flaws...
The Cybersecurity and Infrastructure Security Agency (CISA) has added one more security vulnerability to its list of bugs known to be exploited in attacks. The flaw...
Bug bounty platform HackerOne has launched a scheme to encourage customers to adopt a standard policy geared towards protecting hackers from potential legal problems. The Gold Standard Safe Harbor...
Researchers have disclosed a critical issue in Hyundai and Genesis vehicles that could be exploited to remotely control a car. Yuga Labs staff security engineer Sam...
An open source Go implementation of the SAML protocol has patched a critical vulnerability that could allow attackers to bypass authentication in applications that used the library. SAML...
Our inaugural web security roundup begins with the news that thousands of applications were found to be leaking API keys for Algolia. Algolia technology is used by the likes...
