Source
PortSwigger
Critical infrastructure entities on red alert over ‘exceptionally rare and dangerous’ ICS malware
Powerful, versatile, and easy to use hacking toolset likened to Stuxnet
Credit card industry standard revised to repel card-skimmer attacks
PCI DSS v4.0 encourages better defenses against Magecart-style assaults
Git security vulnerabilities prompt updates
Windows users at highest risk from security bugs in software development tool
African banking sector targeted by malware-based phishing campaign
Attackers use HTML smuggling techniques to hide malicious files in fake job opportunities
Internal AWS credentials swiped by researcher via SQL payload
Amazon cloud service acts quickly to close security hole in RDS
OpenSSH 9.0 bakes in post-quantum cryptography to future proof against attacks
Protection offered against ‘capture now, decrypt later’ attacks
TruffleHog v3: API key leak detection tool adds support for more than 600 types
Third version of the open source software comes with significant upgrades
Access control vulnerability in Easy!Appointments platform exposed sensitive personal data
Unprotected API could expose names, places, times of bookings made using app
PacketStreamer: New tool can aid research by revealing potential hacking behaviors
Utility can be used to “indicate the presence of an adversary or the progress of an attack”