About

Archive - January 2023

Bug Bounty Radar // The latest bug bounty programs for February 2023 31 January 2023 at 15:13 UTC Tell us what you think: The Daily Swig reader survey 2023 29 January 2023 at 14:03 UTC Deserialized web security roundup: ‘Catastrophic cyber events’, another T-Mobile breach, more LastPass problems 27 January 2023 at 16:48 UTC Facebook two-factor authentication bypass issue patched 27 January 2023 at 11:50 UTC Ruby on Rails apps vulnerable to data theft through Ransack search 26 January 2023 at 17:27 UTC Trellix automates tackling open source vulnerabilities at scale 26 January 2023 at 13:52 UTC Yellowfin tackles auth bypass bug trio that opened door to RCE 25 January 2023 at 16:23 UTC Bitwarden responds to encryption design flaw criticism 25 January 2023 at 15:47 UTC IoT vendors faulted for slow progress in setting up vulnerability disclosure programs 24 January 2023 at 13:22 UTC AWS patches bypass bug in CloudTrail API monitoring tool 23 January 2023 at 13:01 UTC Git security audit reveals critical overflow bugs 20 January 2023 at 15:00 UTC Popular password managers auto-filled credentials on untrusted websites 20 January 2023 at 12:09 UTC Google pays hacker duo $22k in bug bounties for flaws in multiple cloud projects 19 January 2023 at 16:29 UTC WAGO fixes config export flaw threatening data leak from industrial devices 18 January 2023 at 15:34 UTC US government announces third Hack The Pentagon challenge 17 January 2023 at 14:04 UTC Squaring the CircleCI: DevOps platform publishes post-mortem on recent breach 16 January 2023 at 16:07 UTC Deserialized web security roundup – Slack and Okta breaches, lax US government passwords report, and more  13 January 2023 at 18:31 UTC New tool protects against vulnerabilities in popular file converter ImageMagick 12 January 2023 at 16:03 UTC Threema disputes crypto flaws disclosure, prompts security flap 11 January 2023 at 15:41 UTC Prototype pollution-like bug variant discovered in Python 10 January 2023 at 14:49 UTC Meet teler-waf: Security-focused HTTP middleware for the Go framework 09 January 2023 at 11:43 UTC Exploit drops for remote code execution bug in Control Web Panel 06 January 2023 at 15:40 UTC Tesla tackles CORS misconfigurations that left internal networks vulnerable 05 January 2023 at 16:51 UTC Devs urged to rotate secrets after CircleCI suffers security breach 05 January 2023 at 14:38 UTC Car companies massively exposed to web vulnerabilities 04 January 2023 at 17:35 UTC