Source
PortSwigger
GoCD bug chain provides second springboard to supply chain attacks
Follow-up to recent GoCD disclosure provides additional path to infiltrating build environments
Smuggling hidden backdoors into JavaScript with homoglyphs and invisible Unicode characters
Researchers urge developers to secure code by disallowing non-ASCII characters
Black Hat Europe: Laws and regulations need to change to secure world’s digital infrastructure
Better incentives to build secure products needed, former MEP tells conference
Apache Storm maintainers patch two pre-auth RCE vulnerabilities
High-risk issues were discovered by GitHub’s in-house security team
bZx crypto heist results in reported losses of more than $55 million
BSC and Polygon funds drained – but Ethereum contracts ‘safe’ – following phishing attack
Security breach at trading platform Robinhood sparks phishing fears
Social engineering attack exposes email addresses of five million investors
Two men charged with deploying REvil ransomware attacks, targeting US government and businesses
Individuals face up to 145 years in prison if convicted
Pwn2Own Austin 2021: Synacktiv crowned Masters of Pwn after Sonos One, WD NAS exploits
French team takes home nearly $200k in winnings as event uncovers 61 zero days
Mozilla disables ‘low usage’ encryption feature to resolve Thunderbird HTTP/2 vulnerability
Multiple flaws in email client resolved with security update
Campaigning lawyers launch counter-offensive against software patent trolls
Stemming the tide of ‘stupid software patents and the trolls they feed’