We have collated here some interesting news articles about Burp Suite. These include our blog posts, articles from other sources about Burp Suite, and details of notable software releases.

Title Date
PWC Private Business Awards Finalist 2018: PortSwigger Web Security September 12, 2018
Softpedia: OAuth Exploit Allowed Researcher to Takeover Periscope TV Account September 10, 2018
The Register: Web cache poisoning just got real: How to fling evil code at victims August 17, 2018
Web cache poisoning attacks demonstrated on major websites, platforms August 10, 2018
Dark Reading: New Hack Weaponizes the Web Cache June 12, 2018
PortSwigger's James Kettle talks about making money through bug bounties April 13, 2018
Sunday Times: Portswigger rank in the Sunday Times Lloyds SME Export Track 100 February 25, 2018
HackerOne Hacker Interviews: James Kettle (@albinowax) January 26, 2018
eWeek: Bug Bounty Hackers Make More Money Than Average Salaries, Report Finds January 22, 2018
Burp Suite 1.7.30: New granular configuration of scan issues. December 12, 2017
Blog post: The Daily Swig November 28, 2017
Burp Suite 1.7.28: Simplified scope control November 15, 2017
Sunday Times: PortSwigger features in Tech Track 100 Ones to Watch September 10, 2017
Blog post: Abusing JavaScript frameworks to bypass XSS mitigations September 8, 2017
Wired: Hacking retail gift cards remains scarily easy, using Burp Suite August 31, 2017
FirstPost: Burp Suite reveals Sarahah is uploading user information August 28, 2017
ZDNet: How we found that hidden Apple job listing using Burp Suite August 21, 2017
The Register: US DoD, Brit ISP BT reverse proxies can be abused to frisk internal systems August 19, 2017
Google pays high school student $10,000 for security flaw found using Burp Suite August 11, 2017
Burp Suite 1.7.26: New scan checks for file upload vulnerabilities August 3, 2017
Blog post: Cracking the Lens: Targeting HTTP's Hidden Attack-Surface July 27, 2017
Burp Suite 1.7.25: New scan checks using out-of-band detection techniques July 26, 2017
Burp Suite 1.7.24: New function to save copy of project July 18, 2017
Blog post: OAST (Out-of-band Application Security Testing) July 14, 2017
Blog post: Behind enemy lines: Bug hunting with Burp Infiltrator June 22, 2017
Dark Reading: PortSwigger researcher previews flaws in hidden web infrastructure June 19, 2017
Burp Suite 1.7.23. Several new scan checks including CSS injection and form action hijacking May 22, 2017
Blog post: DOM based AngularJS sandbox escapes May 11, 2017
Burp Suite 1.7.22. New Mobile Assistant app April 28, 2017
Burp Suite 1.7.20. Enhanced detection of blind injection vulnerabilities April 6, 2017
HackerOne's number 3 hacker loves Burp Suite April 4, 2017
Code Dx Announces Integration with Burp Suite March 21, 2017
InfoSec Institute: Burp Suite named top web scanner March 14, 2017
Burp Suite 1.7.18: New option not to log out-of-scope requests February 28, 2017
Burp Suite 1.7.17: New scan check for suspicious input transformation February 1, 2017
HackerOne: top hacker Mark Litchfield uses Burp Suite as his tool of choice January 27, 2017
HackerOne: Q&A With PortSwigger's James Kettle about bug bounties, exploit stories, and more January 19, 2017
Burp Suite 1.7.15: Custom wordlists and accurate not-found detection in Content Discovery tool December 21, 2016
Blog post: Bypassing CSP using polyglot JPEGs December 1, 2016
Blog post: PortSwigger bug bounty program November 30, 2016
Blog post: JSON hijacking for the modern web November 25, 2016
Burp Suite 1.7.12: Adds SMTP support to Burp Collaborator, and new SMTP scan checks November 18, 2016
Blog post: Backslash Powered Scanning: Hunting Unknown Vulnerability Classes November 4, 2016
Burp Suite 1.7.09: New Burp Collaborator client October 21, 2016
Blog post: Exploiting CORS Misconfigurations for Bitcoins and Bounties October 14, 2016
Burp Suite 1.7.06: New checks for second-order SQL injection September 8, 2016
Blog post: Introducing Burp Infiltrator July 26, 2016
Blog post: Executing non-alphanumeric JavaScript without parenthesis July 15, 2016
Blog post: Adapting AngularJS Payloads to Exploit Real World Applications April 25, 2016
Blog post: Introducing Burp projects April 8, 2016
Blog post: Using Burp Suite to Audit and Exploit an eCommerce Application March 22, 2016
Blog post: XSS without HTML: Client-Side Template Injection with AngularJS January 27, 2016
Burp Suite 1.6.33: New scan checks for blind XSS via Burp Collaborator January 13, 2016