ANALYSIS Weaknesses in the existing CVSS scoring system have been highlighted through new research, with existing metrics deemed responsible for “overhyping” some vulnerabilities. So-called “overinflated” ratings are potentially...
KeePass has become the latest password manager utility obliged to defend its reputation following the discovery of an alleged vulnerability. Security researchers warned that it might be possible to...
Detectify founder Frans Rosén has topped PortSwigger’s top 10 web hacking techniques of 2022 with ‘Account hijacking using dirty dancing in sign-in OAuth-flows’. Published in July, the...
Researchers have disclosed a raft of serious document management system (DMS) vulnerabilities impacting four enterprise vendors who have not yet resolved the issues. In a blog post published...
“A far-reaching, catastrophic cyber event is likely in the next two years” according to 93% of cybersecurity experts and 86% of business leaders polled by the World...
As 2022 draws to a close, The Daily Swig is revisiting some of the year’s most notable web security wins and egregious infosec fails. Tomorrow we’ll publish some...
Our second web security roundup begins with news that a brace of network security flaws in products from Fortinet and Citrix have each come under active attack. These attacks were...
Our inaugural web security roundup begins with the news that thousands of applications were found to be leaking API keys for Algolia. Algolia technology is used by the likes...
Multiple instances of social media platform Mastodon are vulnerable to system configuration issues, security researcher Lenin Alevski warns. The exodus of former Twitter users in response to the...
A security researcher scored a $70k bug bounty payout after accidentally discovering a Google Pixel lock-screen bypass hack. The vulnerability, discovered by David Schütz, meant an attacker could...