Latest threats Bug bounty For devs Deep dives More About

Web security vulnerabilities Network security vulnerabilities Cloud security Zero-day news Supply chain attacks

View all web security news

Prototype pollution

Prototype pollution project yields another Parse Server RCE

Prototype-pollution

Bug bounty news VDPs Bug Bounty Radar

View all bug bounty news

Bug Bounty Radar

The latest programs for February 2023

DevSecOps Security best practices Dev stack tech

View all dev related news

All Day DevOps

AppSec engineer keynote says Log4j revealed lessons were not learned from the Equifax breach

Deep dives Interviews

View all of the latest features

Infosec beginner?

A rough guide to launching a career in cybersecurity

Industry news Enterprise security news Web hacking tools Events

View all infosec industry news

Cybersecurity conferences

A schedule of events in 2022 and beyond

Latest gaming security news

Bug Bounty Radar

The latest bug bounty programs for November 202201 November 2022Bug Bounty RadarThe latest bug bounty programs for November 2022

NETGEAR resolves router bugs in bundled gaming component

16 September 2022NETGEAR resolves router bugs in bundled gaming componentSilicon Valley vendor tackles command injection and MitM-to-RCE issues

Hack of the net

Fantasy Premier League football app introduces 2FA to tackle account takeover hacks15 July 2022Hack of the netFantasy Premier League football app introduces 2FA to tackle account takeover hacks

Severe Parse Server bug impacts Apple Game Center

22 June 2022Severe Parse Server bug impacts Apple Game CenterFake certificates could be used to bypass authentication controls

UK government calls for tougher protections against malicious apps

06 May 2022UK government calls for tougher protections against malicious appsNCSC proposes new code of conduct for app stores

Okta investigation

Authentication and identity management giant probes LAPSUS$ gang’s compromise claims22 March 2022Okta investigationAuthentication and identity management giant probes LAPSUS$ gang’s compromise claims

Ubisoft hack

‘Cybersecurity incident’ at games developer forces company-wide password reset14 March 2022Ubisoft hack‘Cybersecurity incident’ at games developer forces company-wide password reset

Into the wild

Middleboxes being used in fresh wave of DDoS attacks10 March 2022Into the wildMiddleboxes being used in fresh wave of DDoS attacks

Facebook Canvas takeover

Fresh flaws in Meta technology earn bug bounty hunter a second payday07 March 2022Facebook Canvas takeoverFresh flaws in Meta technology earn bug bounty hunter a second payday

Unorthodox ransom

Hackers attempting to blackmail Nvidia into open-sourcing GPU drivers03 March 2022Unorthodox ransomHackers attempting to blackmail Nvidia into open-sourcing GPU drivers

Nvidia cyber-attack linked to Lapsus$ ransomware gang

28 February 2022Nvidia cyber-attack linked to Lapsus$ ransomware gangClaims that threat actors said hardware giant had ‘hacked back’ have surfaced

Bowser’s jury

Nintendo Switch hacker sent behind bars11 February 2022Bowser’s juryNintendo Switch hacker sent behind bars

FA says ‘OK to 2FA’

Fantasy Premier League account hack surge prompts plans to introduce extra login checks26 January 2022FA says ‘OK to 2FA’Fantasy Premier League account hack surge prompts plans to introduce extra login checks

Log4Shell shock

VMware Horizon under attack as China-based ransomware group targets Log4j vulnerability11 January 2022Log4Shell shockVMware Horizon under attack as China-based ransomware group targets Log4j vulnerability

DDoS demands

Attacks increasing year on year as cybercriminals demand extortionate payouts10 January 2022DDoS demandsAttacks increasing year on year as cybercriminals demand extortionate payouts

The Matrix Resurrections review

Latest instalment offers nostalgia but no denouement31 December 2021The Matrix Resurrections reviewLatest instalment offers nostalgia but no denouement

Ubisoft confirms Just Dance video game data breach

21 December 2021Ubisoft confirms Just Dance video game data breachDeveloper said no accounts had been improperly accessed

Dutch police warn DDoS-for-hire customers to desist or face prosecution

14 October 2021Dutch police warn DDoS-for-hire customers to desist or face prosecutionWe know what you DDoSed last summer

Twitch breach leads to leak of source code, earnings data

07 October 2021Twitch breach leads to leak of source code, earnings dataThis is like ‘KFC losing its secret recipe’

Chips are down

Data breach at US hospitality chain may have leaked customer info07 September 2021Chips are downData breach at US hospitality chain may have leaked customer info

Letting off Steam

Valve promptly resolves ‘unlimited funds’ gaming wallet cheat13 August 2021Letting off SteamValve promptly resolves ‘unlimited funds’ gaming wallet cheat

CD Projekt Red breach

Games developer releases more details about cyber-attack11 June 2021CD Projekt Red breachGames developer releases more details about cyber-attack

Gaming mod development platform Overwolf fixes RCE bug

01 June 2021Gaming mod development platform Overwolf fixes RCE bugResearchers used custom URL schemes to achieve XSS and a sandbox escape

Remote control

Remote Mouse mobile app contains raft of zero-day RCE vulnerabilities10 May 2021Remote controlRemote Mouse mobile app contains raft of zero-day RCE vulnerabilities

Under pressure

Valve releases fix for Steam gaming platform RCE vulnerability22 April 2021Under pressureValve releases fix for Steam gaming platform RCE vulnerability

Pressure grows on Valve to unplug Steam platform vulnerabilities

13 April 2021Pressure grows on Valve to unplug Steam platform vulnerabilitiesTwo-year-old RCE flaws still unpatched, bounty hunters claim

Capcom ransomware attack

Hackers gained access via vulnerable VPN, report finds13 April 2021Capcom ransomware attackHackers gained access via vulnerable VPN, report finds

Malware slingers step up efforts to target Discord users

10 February 2021Malware slingers step up efforts to target Discord usersPersistence of malicious links and lack of ‘report abuse’ button faulted by security researchers

‘Epically pwned’

Cyberpunk 2077 developers held to ransom after cyber-attack09 February 2021‘Epically pwned’Cyberpunk 2077 developers held to ransom after cyber-attack

Tokyo Gas data breach impacts dating simulation game fans

08 February 2021Tokyo Gas data breach impacts dating simulation game fansDeveloped by Japan’s largest gas utility, ‘Furo Koi’ was created to offer bathing advice to users

VIP Games exposes 23m data records on misconfigured server

28 January 2021VIP Games exposes 23m data records on misconfigured serverPopular website leaks personal information belonging to 66,000 players

Laying the groundwork for a ‘post-XSS world’

The Firefox and Chrome development teams share their progress in minimizing the impact of classic web attacks13 January 2021Laying the groundwork for a ‘post-XSS world’The Firefox and Chrome development teams share their progress in minimizing the impact of classic web attacks

Nintendo 3DS flaw earns researcher $12,000 bug bounty

23 December 2020Nintendo 3DS flaw earns researcher $12,000 bug bountyConsole hacker reports flaw that opened the door to MitM attacks

Google security researcher banned from Call of Duty after ‘reverse engineering code’

26 November 2020Google security researcher banned from Call of Duty after ‘reverse engineering code’Ned Williamson urges video game developers to accommodate legitimate research

Assault mode

PlayStation 5 launch blighted by widespread phishing attacks – report19 November 2020Assault modePlayStation 5 launch blighted by widespread phishing attacks – report

You lose!

Capcom takes systems offline following cyber-attack06 November 2020You lose!Capcom takes systems offline following cyber-attack