Check your Docker API permissions.  A new piece of malware has been turning cloud hosted contai...

They dropped Open Redirection from the OWASP Top 10 but, like CSRF, it is still out there. Here is a...

The Enterprise Security API for Java went to 2.2.1.0 https://github.com/ESAPI/esapi-java-legacy/blob...

Big news this week was the F5 zero day, of course, but on the application side you should review the...

Happy Independence Day for my US readers!   BugCrowd released a really cool looking Burp extens...

I was tempted to start making up dates. Like Junuary 54th.  But dark humor doesn't belong here....

Happy Father's Day!   Sn1per is not new, but has some updates, and is with adding to your vulne...

Happy 614 day to my Columbus friends.     Very solid guidelines to storing API secrets. ht...

Another great Server Side Request Forgery find.  I found this on a test again in May folks, it'...

This wouldn't fit in a comment, but there is a lot of interesting information in here:   Kevin...

The group unc0ver has released a broad-ranging iOS jailbreak tool. https://thehackernews.com/2020/05...

Happy Memorial Day! Take a minute to learn something new about the seven branches of the US Military...