Source
PortSwigger
SQL injection flaw in billing software app tied to US ransomware infection
BillQuick customers blindsided by recently patched web security flaw
Africa sees increase in ransomware, botnet attacks – but online scams still pose biggest threat
Fraud is still the primary goal of cybercriminals operating across the continent, Interpol warns in latest market report
Popular NPM package UA-Parser-JS poisoned with cryptomining, password-stealing malware
Developer moves quickly to address vulnerabilities after his account was compromised
Discourse fixes critical validation-related vulnerability in forum software
We need to talk about lack of validation
Polygon pays out record $2 million bug bounty reward for critical vulnerability
Ethical hacker bags top prize for double spend flaw in smart contract
Node.js sandboxes are open to prototype pollution
Sandbox breakout can lead to remote code execution, researchers warn
Swiss exhibitions organizer MCH Group hit by cyber-attack
Investigations yet to confirm if any data was exfiltrated
Japanese punctuation exacerbates privacy flaw that leaks one-word search terms in Google, Firefox browsers
Researcher questions efficacy of proposed remedies as debate rumbles on 18 months after disclosure
EU ban on anonymous domain registration welcomed by threat intel firm
‘This raises the bar and makes it expensive for easy cyber criminality,’ argues DomainTools
New bug bounty platform launches for Indian ethical hackers
Security researchers can sign up now