PortSwigger

Exploitation could enable attackers to access backend servers

Free fortnightly roundup and exclusive content for subscribers only

New legal protections for security researchers could be the strongest of any EU country

Possible RCE and denial-of-service issue discovered in Kafka Connect

The first guide of our two-part series helps consumers choose the best way to manage their login credentials

Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news

Single sign-on and request smuggling to the fore in another stellar year for web security research

No response or patch yet forthcoming from providers of vulnerable document management systems

Anonymized numbers of bug discoveries swiftly deleted after pushback

Campaigner bemoans glacial progress of review and urges government to set clear timetable