Source
PortSwigger
Data breach at US healthcare provider ARcare impacts 345,000 individuals
Sensitive medical and other personal data was potentially exposed
GitHub offers post-mortem on recent security breach
Tokens stollen and abused but problem has been contained
<span>Microsoft report unmasks at least six Russian nation-state actors responsible for cyber-attacks against Ukraine</span>
Kremlin-linked actors have launched multiple assaults since invasion began
Socket: New tool takes a proactive approach to prevent OSS supply chain attacks
Signal detector aims to help developers to stay ahead of threats
VirusTotal debunks claims of a serious vulnerability in Google-owned antivirus service
Third party file and theft
Student grades stored in Greek education platform UniverSIS could be manipulated via SQLi
Maintainers promptly patch issue that could also leak sensitive personal data
Disavowed: Chrome plans to deprecate ‘document.domain’ lays the groundwork for shift in browser security
Making document.domain immutable
Bug bounty platform Intigriti offers new hourly payment option for vulnerability researchers
Pentesting-meets-bug bounty model announced today
IBM database updates address critical vulnerabilities in third-party XML parser
Flaws in popular parser prompt updates from numerous downstream vendors
OT security coalition aims to bolster industrial cybersecurity
Operational Technology Cybersecurity Coalition to tackle infrastructure security issues