Searchenginejournal.com

HubSpot WordPress Plugin Vulnerability

WPScan and the United States Government National Vulnerability Database published a notice of a vulnerability discovered in the HubSpot WordPress plugin. The vulnerability exposes users of the plugin ...
Dark Reading

SSRF 101: How Server-Side Request Forgery Sneaks Past Your Web Apps

When it's time to talk attacks, it's hard to get more evil than a technique that uses victims' own systems against them. Server-side request forgery (SSRF) is one of those evil attacks, and it's one ...
Infosecurity-magazine.com

OWASP Shines Light on Three New Risk Categories

As part of a sweeping revamp of its top 10 list, OWASP has created three new categories, which security teams need to consider when looking to protect against today’s most critical and severe ...
Dark Reading

OWASP Reshuffles Its Top 10 List, Adds New Categories

Access control vulnerabilities and misconfigurations occur more often than any other security weakness and took the No. 1 spot on a top 10 list of Web application security risks, according to a draft ...
CSOonline

Azure API Management flaws highlight server-side request forgery risks in API development

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed hackers to access internal ...