Hacker News
Deserialized web security roundup: Twitter 2FA backlash, GoDaddy suffers (portswigger.net)
1 point by feross on Feb 24, 2023 | past
NIST plots biggest ever reform of Cybersecurity Framework (portswigger.net)
2 points by feross on Feb 23, 2023 | past
Cisco ClamAV anti-malware scanner vulnerable to serious security flaw (portswigger.net)
3 points by feross on Feb 22, 2023 | past
Portswigger's top web hacking techniques of 2022 (portswigger.net)
3 points by arunsivadasan on Feb 19, 2023 | past
HTTP request smuggling bug patched in HAProxy (portswigger.net)
1 point by feross on Feb 17, 2023 | past
Server-side prototype pollution: Black-box detection without the DoS (portswigger.net)
1 point by TechBro8615 on Feb 16, 2023 | past
Read all about it: Introducing our new newsletter, Daily Swig Deserialized (portswigger.net)
1 point by feross on Feb 16, 2023 | past
Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report (portswigger.net)
1 point by feross on Feb 10, 2023 | past
New XSS Hunter host Truffle Security faces privacy backlash (portswigger.net)
1 point by feross on Feb 9, 2023 | past
Toyota sealed up a backdoor to its global supplier management network (portswigger.net)
1 point by feross on Feb 7, 2023 | past
Bitwarden responds to encryption design flaw criticism (portswigger.net)
4 points by favourable on Feb 4, 2023 | past | 1 comment
Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’ (portswigger.net)
2 points by todsacerdoti on Feb 1, 2023 | past
Bitwarden responds to encryption design flaw criticism (portswigger.net)
8 points by simonebrunozzi on Jan 26, 2023 | past | 2 comments
Ruby on Rails apps vulnerable to data theft through Ransack search (portswigger.net)
1 point by feross on Jan 26, 2023 | past
AWS patches bypass bug in CloudTrail API monitoring tool (portswigger.net)
3 points by feross on Jan 23, 2023 | past
Git security audit reveals critical overflow bugs (portswigger.net)
2 points by feross on Jan 20, 2023 | past
Google pays hacker duo $22k in bug bounties for flaws in multiple cloud projects (portswigger.net)
1 point by feross on Jan 19, 2023 | past
Squaring the CircleCI: DevOps platform publishes post-mortem on recent breach (portswigger.net)
2 points by feross on Jan 16, 2023 | past
New tool protects against vulnerabilities in popular file converter ImageMagick (portswigger.net)
3 points by feross on Jan 12, 2023 | past
Threema disputes crypto flaws disclosure, prompts security flap (portswigger.net)
1 point by feross on Jan 11, 2023 | past
Prototype pollution-like bug variant discovered in Python (portswigger.net)
1 point by feross on Jan 10, 2023 | past | 1 comment
Finding the next Log4j – OpenSSF’s Brian Behlendorf on pivoting to a (portswigger.net)
1 point by feross on Dec 23, 2022 | past
Password theft bug chain patched in Passwordstate credential manager (portswigger.net)
1 point by feross on Dec 21, 2022 | past
Akamai wrestles with AWS S3 web cache poisoning bug (portswigger.net)
2 points by feross on Dec 20, 2022 | past | 1 comment
Deserialized web security roundup – Fortinet, Citrix bugs; another Uber breach; (portswigger.net)
5 points by feross on Dec 16, 2022 | past
Stealing passwords from infosec Mastodon – without bypassing CSP (portswigger.net)
4 points by nateb2022 on Dec 16, 2022 | past | 1 comment
Critical IP spoofing bug patched in Cacti (portswigger.net)
1 point by feross on Dec 15, 2022 | past
Cloud flaws brought to the fore as bug bounty vulnerabilities hit 65k in 2022 (portswigger.net)
1 point by feross on Dec 13, 2022 | past
The seventh way to call a JavaScript function without parentheses (portswigger.net)
2 points by fagnerbrack on Dec 13, 2022 | past
Black Hat Europe redux: The top web hacking talks for 2022 (portswigger.net)
1 point by feross on Dec 12, 2022 | past
