Source
PortSwigger
Researchers crack MEGA’s ‘privacy by design’ storage, encryption
ETH Zurich finds flaws in the firm’s cryptographic infrastructure
Untrusted types: Researcher demos trick to beat Trusted Types protection in Google Chrome
Flaws in protection mechanism leaves websites more exposed to DOM XSS-based attacks
Oracle patches ‘miracle exploit’ impacting Middleware Fusion, cloud services
Researchers describe discovery of ‘mega’ zero-day
BSides Cleveland organizer steps down after controversial guest added as ‘surprise’ speaker
Fury among online community over decision to include presenter
Statutory defense for ethical hacking under UK Computer Misuse Act tabled
Amendment applies to bill related to 5G rollout and connected products
Splunk patches critical vulnerability while users push for legacy updates
Users call for security update back-port to support earlier versions
One in every 13 incidents blamed on API insecurity – report
Larger organizations are statistically more at risk, warns Imperva
Severe Parse Server bug impacts Apple Game Center
Fake certificates could be used to bypass authentication controls
Single largest disclosure for vulnerabilities in industrial control security reveals 56 flaws
Scores of security issues in industrial control systems unveiled
Jacuzzi customer details could be exposed by SmartTub web bugs, claims researcher
Iconic hot tub manufacturer addresses flaws that also apparently exposed numerous backend services