Vulnerability Deep Dive: Gaining RCE Through ImageMagick With Frans Rosen
The file upload vulnerability type is as broad in scope as the number of different file types. These vulnerabilities are...
Read more →Category: Mix
How Security Edge Revolutionizes API Security
Wallarm’s Security Edge is setting a new standard in API security—far beyond the reach of traditional Content Delivery Networks (CDNs)....
Read more →
The complete guide for in-scope entities
NIS2 will take effect across the EU from 18th October 2024, meaning time is running out to comply with its...
Read more →
8 essential tools for performing effective reconnaissance
We all know that reconnaissance is important in bug bounty, in fact, it is the most important phase in bug...
Read more →
12 incident response metrics your business should be tracking
If there’s a vulnerability in your systems that cybercriminals could exploit, you’ll want to know about it. Collaborating with people...
Read more →
Automating Dead Link Detection | HAHWUL
Using Deadfinder and GitHub Actions for Seamless Link Management A dead link, or broken link, occurs when a hyperlink points...
Read more →
Advanced API Authentication Strategies for Enhanced Security
Passwordless authentication for end users is taking the world by storm, offering organizations and individuals alike unprecedented security, user experience,...
Read more →
CVE-2024–45186: Unauthenticated SSTI bug in Filesender exposes MySQL & S3 credentials and other configuration variables, potentially leaking all (sometimes encrypted) user uploaded files. Dutch Universities affected. | by Jonathan Bouman | Oct, 2024
FileSender is an open-source web application designed for securely transferring large files. The idea for FileSender was born in 2007...
Read more →Bypassing Whitelists With XSS Payloads in Attributes
There are XSS scenarios where there’s a strong filter in place like WordPress’s KSES. That filter, like many others, uses...
Read more →
Measure Your AI Risk Preparedness with This Interactive Self-Assessment Tool
Effectively managing these risks requires human expertise and strategic oversight. That’s where the AI Risk Readiness Self-Assessment Tool comes in —...
Read more →
European Council Adopts Cyber Resilience Act
The CRA will be a game-changing regulation for software and connected product security. The CRA imposes cybersecurity requirements for manufacturers...
Read more →
How To Use HackerOne’s Global Vulnerability Policy Map
To help organizations keep up with the shifting landscape of VDP mandates and recommendations, HackerOne has developed the Global Vulnerability...
Read more →