Source
PortSwigger
New York State vaccine pass shortcomings offer lessons for other coronavirus app developers
‘Incomplete threat modelling’ blamed for credential forgery vulnerability
Machine learning technique detects phishing sites based on markup visualization
Researchers showcase new method for improving the detection of fake websites
Jenkins project succumbs to ‘mass exploitation’ of critical Atlassian Confluence vulnerability
Thousands of instances still vulnerable to Apache Struts-like flaw
PoC released for Ghostscript vulnerability that exposed Airbnb, Dropbox
Server-side image conversion vector laid bare
Data breach at US restaurant and gambling chain Dotty’s may have leaked sensitive customer information
Nevada-based hospitality firm confirms cyber-attack on its networks
French government visa website hit by cyber-attack that exposed applicants’ personal data
Nationalities, birth dates, and passport numbers among potentially exposed data
Raider: A tool to test authentication in web applications
Open source project aims to offer ‘unlimited flexibility’ for security researchers
Russian retailer issues DEXP phone recall following security audit
Electronics retailer DNS issued the product recall after a security researcher published their findings last week
‘Nasty stuff’: Research into Russian push-button cellphones uncovers legion of security issues
Itel, DEXP, Irbis, and F+ mobile devices put under the microscope
‘Nasty stuff’: Research into Russian push-button cellphones uncovers legion of privacy and security issues
Itel, DEXP, Irbis, and F+ mobile devices put under the microscope