Twitter faced further criticism this week when Elon Musk’s social networking platform announced SMS-based 2FA will only be available to paying customers going forward. The social...
A security flaw in a bundled anti-malware scanner product has created a serious security risk for some products from networking giant Cisco. More particularly, a vulnerability in the ClamAV scanning...
ANALYSIS Weaknesses in the existing CVSS scoring system have been highlighted through new research, with existing metrics deemed responsible for “overhyping” some vulnerabilities. So-called “overinflated” ratings are potentially...
INTERVIEW Securing web APIs requires a different approach to classic web application security, as standard tests routinely miss the most common vulnerabilities. This is the view of API...
HAProxy, the popular open source load balancer and reverse proxy, has patched a bug that could enable attackers to stage HTTP request smuggling attacks. By sending a maliciously crafted HTTP...
Want to get the latest web security news straight to your inbox? Now you can, with the upcoming launch of The Daily Swig’s first ever newsletter. We’re...
Apache has resolved a vulnerability potentially exploitable to launch remote code execution (RCE) attacks using Kafka Connect. Announced on February 8, the critical vulnerability is tracked...
KeePass has become the latest password manager utility obliged to defend its reputation following the discovery of an alleged vulnerability. Security researchers warned that it might be possible to...
The maintainers of a new version of popular hacking tool XSS Hunter have been criticized for inspecting potentially sensitive data generated by users after they shared...
Gartner has patched a DOM XSS vulnerability found in the Peer Insights widget, a security bug researchers reckon dates back to the original development of the software. In...