Latest threats Bug bounty For devs Deep dives More About

Web security vulnerabilities Network security vulnerabilities Cloud security Zero-day news Supply chain attacks

View all web security news

Prototype pollution

Prototype pollution project yields another Parse Server RCE

Bug bounty news VDPs Bug Bounty Radar

View all bug bounty news

Bug Bounty Radar

The latest programs for February 2023

DevSecOps Security best practices Dev stack tech

View all dev related news

All Day DevOps

AppSec engineer keynote says Log4j revealed lessons were not learned from the Equifax breach

Deep dives Interviews

View all of the latest features

Infosec beginner?

A rough guide to launching a career in cybersecurity

Industry news Enterprise security news Web hacking tools Events

View all infosec industry news

Cybersecurity conferences

A schedule of events in 2022 and beyond

Archive - February 2023

Bug Bounty Radar // The latest bug bounty programs for March 2023 28 February 2023 at 19:15 UTC Indian transport ministry flaws potentially allowed creation of counterfeit driving licenses 28 February 2023 at 14:15 UTC Password managers: A rough guide to enterprise secret platforms 27 February 2023 at 15:30 UTC Chromium bug allowed SameSite cookie bypass on Android devices 27 February 2023 at 11:50 UTC Deserialized web security roundup: Twitter 2FA backlash, GoDaddy suffers years-long attack campaign, and XSS Hunter adds e2e encryption 24 February 2023 at 13:09 UTC NIST plots biggest ever reform of Cybersecurity Framework 23 February 2023 at 15:55 UTC Cisco ClamAV anti-malware scanner vulnerable to serious security flaw 22 February 2023 at 14:23 UTC CVSS system criticized for failure to address real-world impact 21 February 2023 at 15:34 UTC ‘Most web API flaws are missed by standard security tests’ – Corey J Ball on securing a neglected attack vector 20 February 2023 at 13:58 UTC HTTP request smuggling bug patched in HAProxy 17 February 2023 at 16:05 UTC Belgium launches nationwide safe harbor for ethical hackers 15 February 2023 at 16:49 UTC Remote code execution flaw patched in Apache Kafka 15 February 2023 at 14:01 UTC Password manager security: Which is the right option for me? 14 February 2023 at 15:58 UTC Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack 10 February 2023 at 16:30 UTC OAuth ‘masterclass’ crowned top web hacking technique of 2022 10 February 2023 at 14:56 UTC Radio silence from DMS vendor quartet over XSS zero-days 10 February 2023 at 11:55 UTC New XSS Hunter host Truffle Security faces privacy backlash 09 February 2023 at 17:12 UTC Second UK Computer Misuse Act consultation reflects ‘very little progress’ 08 February 2023 at 17:02 UTC DOM XSS vulnerability in Gartner Peer Insights widget patched 08 February 2023 at 13:42 UTC Toyota sealed up a backdoor to its global supplier management network 07 February 2023 at 17:34 UTC Google engineers plot to mitigate prototype pollution 06 February 2023 at 15:57 UTC Serious security hole plugged in infosec tool binwalk 03 February 2023 at 16:36 UTC Truffle Security relaunches XSS Hunter tool with new features 02 February 2023 at 15:08 UTC Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’ 01 February 2023 at 12:18 UTC