PortSwigger

Social engineering scammers are using cloned social media accounts to carry out deceit

‘Apple’s plans to violate your privacy have left a sour taste in our mouths’, says developers

New tech touted as faster and stronger than web-based authentication alternatives

Non-profit confirms latest iteration of web attack hit list during 24-hour live event

Mass scanning detected after RCE exploits surface online

A bug bounty hunter was able to pivot from XSS to full-blown RCE

High-impact SSRF and request smuggling bugs among flaws addressed in bumper patch cycle

API keys are accidentally being leaked by websites. Here’s how to find them

Open source project back online after fraudsters dangled double-your-money lure

Sensitive information is among datasets potentially exposed