Trellix automates tackling open source vulnerabilities at scale Charlie Osborne26 January 2023 at 13:52 UTC Updated: 26 January 2023 at 13:55 UTC... 2023-1-26 21:52:42 | 阅读: 10 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net trellix schulz python repository tarfile

Yellowfin tackles auth bypass bug trio that opened door to RCE Adam Bannister25 January 2023 at 16:23 UTC... 2023-1-26 00:23:21 | 阅读: 8 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net bypass routes hardcoded yellowfin

Bitwarden responds to encryption design flaw criticism Password vault vendor accused of making a hash of encrypti... 2023-1-25 23:47:46 | 阅读: 11 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net iterations bitwarden security lastpass encryption

IoT vendors faulted for slow progress in setting up vulnerability disclosure programs Manufacturer complacency ‘translates into an unacceptable... 2023-1-24 21:22:49 | 阅读: 9 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security iotsf horse rogers copper

AWS patches bypass bug in CloudTrail API monitoring tool Charlie Osborne23 January 2023 at 13:01 UTC... 2023-1-23 21:1:0 | 阅读: 9 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net cloudtrail security frichette datadog bypass

Git security audit reveals critical overflow bugs Uncovered vulnerabilities include several high, medium, an... 2023-1-20 23:0:0 | 阅读: 14 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net gitlab security repository github

Popular password managers auto-filled credentials on untrusted websites Dashlane, Bitwarden, and Safari all cited by Google resear... 2023-1-20 20:9:52 | 阅读: 8 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net security dashlane bitwarden swig filling

Google pays hacker duo $22k in bug bounties for flaws in multiple cloud projects Six payouts issued for bugs uncovered in Theia, Vertex AI,... 2023-1-20 00:29:29 | 阅读: 13 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net sreeram compute cloud gcp ashok

WAGO fixes config export flaw threatening data leak from industrial devices Charlie Osborne18 January 2023 at 15:34 UTC Updated: 18 January 2023 at 15:52 UTC... 2023-1-18 23:34:13 | 阅读: 9 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net wago lukavsky security onekey php

US government announces third Hack The Pentagon challenge Jessica Haworth17 January 2023 at 14:04 UTC Updated: 13 February 2023 at 14:44 UTC... 2023-1-17 22:4:9 | 阅读: 9 | 收藏 | The Daily Swig | Cybersecurity news and views - portswigger.net dod security dhs facing

Top 10 web hacking techniques of 2022 - nominations open Published: 04 January 2023 at 13:52 UTC... 2023-1-4 21:52:52 | 阅读: 33 | 收藏 | PortSwigger Research - portswigger.net nominations security ten nominate shortlist

Browser powered scanning 2.0 Tom Shelton-Lefley |15 December 2... 2022-12-15 22:30:0 | 阅读: 27 | 收藏 | PortSwigger Blog - portswigger.net burp wheel chromium scratch desk

New Burp Suite API: we want your feedback! Sean Burns |08 December 2022 at 1... 2022-12-8 18:45:4 | 阅读: 24 | 收藏 | PortSwigger Blog - portswigger.net burp montoya richer exciting bapp

The Burp challenge Emma Stocks |30 November 2022 at... 2022-11-30 17:35:52 | 阅读: 46 | 收藏 | portswigger.net thursday winners draw burp prize

Hijacking service workers via DOM Clobbering Published: 29 November 2022 at 14:00 UTC... 2022-11-29 22:0:2 | 阅读: 54 | 收藏 | portswigger.net sw cdndomain invader innertext

Stealing passwords from infosec Mastodon - without bypassing CSP Published: 15 November 2022 at 14:00 UTC... 2022-11-15 22:0:3 | 阅读: 33 | 收藏 | portswigger.net aria abbr mastodon seemed tabindex

Detecting web message misconfigurations for cross-domain credential theft Published: 09 November 2022 at 14:13 UTC... 2022-11-9 22:13:0 | 阅读: 30 | 收藏 | portswigger.net invader supersecret breakpoints

Safari is hot-linking images to semi-random websites Published: 31 October 2022 at 14:58 UTC... 2022-10-31 22:58:0 | 阅读: 28 | 收藏 | portswigger.net zon loaded happening payload seemed

Free: Dastardly from Burp Suite Matt Atkinson |27 October 2022 at... 2022-10-27 21:3:30 | 阅读: 32 | 收藏 | portswigger.net dastardly security burp analysis noise

Coming very soon: Dastardly, from Burp Suite Matt Atkinson |27 October 2022 at... 2022-10-27 21:3:30 | 阅读: 26 | 收藏 | portswigger.net seven burp dastardly security matt