Source
PortSwigger
<span>Interpol issues arrest warrants for members of Clop ransomware gang</span>
Wanted: cybercriminals behind global malware campaign
Lessons learned: How a severe vulnerability in the OWASP ModSecurity Core Rule Set sparked much-needed change
Years-old WAF bypass flaw was discovered in June
Cisco patches critical bug trio in Policy Suite and ONT networking devices
Critical severity bugs disclosed by networking titan
‘Focus on brilliance at the basics’ – GitHub CSO Mike Hanley on shifting left and securing the software supply chain
Security fundamentals often overlooked in favor of eye-catching initiatives, says infosec pro
US federal agencies ordered to patch hundreds of actively exploited vulnerabilities
CISA directive establishes tight patching deadlines
Majority of consumer IoT vendors still lack vulnerability disclosure programs – report
Dismal findings appear to vindicate global efforts to regulate the sector
Remote code execution, SQL injection bugs uncovered in Pentaho Business Analytics software
Penetration test reveals severe issues in Hitachi Vantara’s business solution
Human rights activists condemn mass denial of service as Sudan’s nationwide internet shutdown enters second week
‘All mobile internet networks are completely cut off,’ one journalist on the ground tells The Daily Swig
Mozilla debuts Site Isolation technology with Firefox update
Sandboxing technology levels up browser security
Dangerous XSS bug in Google Chrome’s ‘New Tab’ page bypassed security features
‘Chrome’s NTP only has a really weak CSP that doesn’t mitigate XSS’