Source: PortSwigger
Multiple XSS vulnerabilities in child monitoring app Canopy ‘could risk location leak’
Pair of unpatched security bugs are ‘just the tip of the iceberg’
Firefox 93 lands with HTTP download blocking, new user privacy features
Roadblocks erected against untrusted content and unwanted ads
US clothing brand Next Level Apparel reports phishing-related data breach
Exposed data includes payment card and driver’s license numbers
Embedded insecurity: Broadcom SDK vulnerabilities create lingering risk for router manufacturers
Genesis of ‘forever-day’ vulnerability in Cisco business-grade router line uncovered
Apache HTTP Server devs issue fix for critical data leak vulnerability – update now
Bug was inadvertently introduced in last month’s security release
OnionShare: Secure communications platform used by whistleblowers and journalists patches data exposure bug
Open source software is used to protect a sender’s identity
Safari adds strict CSP support, catches up with other leading browsers
Apple offers users greater defense against XSS and other vulnerabilities
Let’s Encrypt root cert update catches out many big-name tech firms
Back on the chain gang
Cryptocurrency funds removed from 6,000 Coinbase accounts due to flaw in SMS authentication
Victims are told they will be reimbursed
‘Prolific’ ransomware operators arrested in Ukraine – Europol
Assets also frozen over ‘string of targeted attacks’ against US and European targets