Latest threats Bug bounty For devs Deep dives More About

Web security vulnerabilities Network security vulnerabilities Cloud security Zero-day news Supply chain attacks

View all web security news

Prototype pollution

Prototype pollution project yields another Parse Server RCE

Bug bounty news VDPs Bug Bounty Radar

View all bug bounty news

Bug Bounty Radar

The latest programs for February 2023

DevSecOps Security best practices Dev stack tech

View all dev related news

All Day DevOps

AppSec engineer keynote says Log4j revealed lessons were not learned from the Equifax breach

Deep dives Interviews

View all of the latest features

Infosec beginner?

A rough guide to launching a career in cybersecurity

Industry news Enterprise security news Web hacking tools Events

View all infosec industry news

Cybersecurity conferences

A schedule of events in 2022 and beyond

Archive - January 2023

Bug Bounty Radar // The latest bug bounty programs for February 2023 31 January 2023 at 15:13 UTC Tell us what you think: The Daily Swig reader survey 2023 29 January 2023 at 14:03 UTC Deserialized web security roundup: ‘Catastrophic cyber events’, another T-Mobile breach, more LastPass problems 27 January 2023 at 16:48 UTC Facebook two-factor authentication bypass issue patched 27 January 2023 at 11:50 UTC Ruby on Rails apps vulnerable to data theft through Ransack search 26 January 2023 at 17:27 UTC Trellix automates tackling open source vulnerabilities at scale 26 January 2023 at 13:52 UTC Yellowfin tackles auth bypass bug trio that opened door to RCE 25 January 2023 at 16:23 UTC Bitwarden responds to encryption design flaw criticism 25 January 2023 at 15:47 UTC IoT vendors faulted for slow progress in setting up vulnerability disclosure programs 24 January 2023 at 13:22 UTC AWS patches bypass bug in CloudTrail API monitoring tool 23 January 2023 at 13:01 UTC Git security audit reveals critical overflow bugs 20 January 2023 at 15:00 UTC Popular password managers auto-filled credentials on untrusted websites 20 January 2023 at 12:09 UTC Google pays hacker duo $22k in bug bounties for flaws in multiple cloud projects 19 January 2023 at 16:29 UTC WAGO fixes config export flaw threatening data leak from industrial devices 18 January 2023 at 15:34 UTC US government announces third Hack The Pentagon challenge 17 January 2023 at 14:04 UTC Squaring the CircleCI: DevOps platform publishes post-mortem on recent breach 16 January 2023 at 16:07 UTC Deserialized web security roundup – Slack and Okta breaches, lax US government passwords report, and more 13 January 2023 at 18:31 UTC New tool protects against vulnerabilities in popular file converter ImageMagick 12 January 2023 at 16:03 UTC Threema disputes crypto flaws disclosure, prompts security flap 11 January 2023 at 15:41 UTC Prototype pollution-like bug variant discovered in Python 10 January 2023 at 14:49 UTC Meet teler-waf: Security-focused HTTP middleware for the Go framework 09 January 2023 at 11:43 UTC Exploit drops for remote code execution bug in Control Web Panel 06 January 2023 at 15:40 UTC Tesla tackles CORS misconfigurations that left internal networks vulnerable 05 January 2023 at 16:51 UTC Devs urged to rotate secrets after CircleCI suffers security breach 05 January 2023 at 14:38 UTC Car companies massively exposed to web vulnerabilities 04 January 2023 at 17:35 UTC