#webapplicationsecurity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #webapplicationsecurity, aggregated by home.social.
-
Drupal Users Face Urgent Patch Deadline
Drupal users, take note: a highly critical core patch is coming and it's essential to act fast to secure your site. Get ready to install the update ASAP to avoid potential risks.
#ContentManagementSystems #Drupal #PatchManagement #EmergingThreats #WebApplicationSecurity
-
WordPress Plugin Exposes 70,000 Sites to Backdoor Vulnerability
A shocking security vulnerability has been uncovered in a popular WordPress plugin, leaving over 70,000 sites open to backdoor attacks that can inject malicious code on demand. The issue was discovered in the Quick Page/Post Redirect plugin, which was infected with a hidden backdoor five years ago.
#Wordpress #BackdoorVulnerability #PluginVulnerability #EmergingThreats #WebApplicationSecurity
-
Not sure what to expect from the London OWASP Training Days? 👀
Here’s a quick overview of Fabio Cerullo’s Web Application Security Essentials training, for one more reason to join us 📆
https://www.youtube.com/watch?v=6ZH6gWIoZag #appsec #owasp #training #opensource #webapplicationsecurity
-
More than half of public vulnerabilities bypass leading WAFs https://www.helpnetsecurity.com/2025/12/18/miggo-research-waf-vulnerability-bypass/ #webapplicationsecurity #Whitepapersandwebinars #applicationsecurity #cybersecurity #MiggoSecurity #Don'tmiss #Hotstuff #report #News
-
Fortinet Silent Patch Raises Concern Among Security Researchers https://thecyberexpress.com/fortinet-silent-patch-raises-concern/ #WebApplicationFirewalls #webapplicationsecurity #FortinetVulnerability #TheCyberExpressNews #TheCyberExpress #Vulnerabilities #FirewallDaily #cyberattacks #CyberNews #FortiWeb #CISA
-
🔒 Elevate Your Web Application Security Game! 🔒
Are you taking the necessary steps to safeguard your web applications against cyber threats? Dive into our latest insights on the OWASP Top 10 vulnerabilities and discover actionable strategies to fortify your defenses.
#WebApplicationSecurity #OWASPTop10 #CyberSecurity #InfoSec #ProtectYourData #StaySecure #SoftwareDevelopment #VulnerabilityManagement #SecurityBestPractices #LearnMore
https://www.relianoid.com/blog/relianoid-open-web-application-security-project-top-10/
-
https://github.com/brotheralameen1/Discordforschool/security/advisories/GHSA-63xr-98vc-whx5
Published Security Advisory for OneTrust SDK V6.33.0 Vulnerable to Prototype Pollution causing DoS in the system by editing Prototype Value. Currently, submitted this to MITRE CVE to request publication of my CVE to the National Vulnerability Database and awaiting their response. You can click the link above to learn more about the exploit.
#exploit #javascript #prototype #pollution #ethical #ethicalhacking #penetration #testing #cybersecurity #informationsecurity #infosec #cybersec #bughunting #bugbounty #bugbountyhunting #bughunter #webapplication #webapplicationsecurity #security
-
Cloudflare finds almost 7% of Internet traffic to be malicious
https://stackdiary.com/cloudflare-finds-almost-7-of-internet-traffic-to-be-malicious/
#Cybersecurity #InternetSafety #Cloudflare #MaliciousTraffic #OnlineSecurity #DDoS #BotTraffic #APISecurity #DataProtection #WebSafety #CyberThreats #DigitalSecurity #TechNews #InternetThreats #HackerDefense #NetSecurity #CyberDefense #SecurityReport #WebProtection #InternetRisks #SecureWeb #CyberAwareness #NetworkSecurity #ThreatAnalysis #WebApplicationSecurity #CyberProtection #TechSafety #OnlineThreats
-
Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) https://www.helpnetsecurity.com/2025/07/14/exploits-for-unauthenticated-fortiweb-rce-are-public-so-patch-quickly-cve-2025-25257/ #webapplicationsecurity #vulnerability #Don'tmiss #WatchTowr #Hotstuff #Fortinet #exploit #Rapid7 #News #PoC
-
Hello everyone.
In our article published today, we write our own ping application with the help of Python Flask.
I wish everyone good reading and good work.
https://denizhalil.com/2024/03/08/flask-ping-web-application/
#blogger #Python #websecurity #pythonprogramming #flask #webapplicationsecurity #webapplication #pythondeveloper
-
Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys https://www.helpnetsecurity.com/2025/02/07/iis-servers-compromised-asp-net-machine-keys-viewstate-code-injection/ #webapplicationsecurity #Don'tmiss #IISserver #Microsoft #Hotstuff #webshell #malware #News
-
Hello everyone.
In today's article, we're learning about web pentesting with wfuzz. 👉 https://denizhalil.com/2023/11/10/web-application-security-testing-wfuzz/
#websecurity #wfuzz #cybersecurity #ethicalhacking #pentesting #webapplicationsecurity
-
Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610) https://www.helpnetsecurity.com/2025/04/25/rack-ruby-vulnerability-could-reveal-secrets-to-attackers-cve-2025-27610/ #webapplicationsecurity #securityupdate #vulnerability #Don'tmiss #Hotstuff #OPSWAT #News #Ruby
-
SQL Injection Cheat Sheet: A Comprehensive Guide
https://denizhalil.com/2025/04/02/sql-injection-cheat-sheet/ #cybersecurity #websecurity #sql #sqlinjection #webapplicationsecurity #pentesting #ethicalhacking #blogger
-
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) https://www.helpnetsecurity.com/2025/03/24/critical-next-js-auth-bypass-vulnerability-opens-web-apps-to-compromise-cve-2025-29927/ #webapplicationsecurity #ProjectDiscovery #webdevelopment #vulnerability #Cloudflare #opensource #Don'tmiss #framework #Hotstuff #Next.js #News #PoC
-
Tackling software vulnerabilities with smarter developer strategies https://www.helpnetsecurity.com/2024/12/13/karl-mattson-endor-labs-secure-coding/ #webapplicationsecurity #applicationsecurity #cybersecurity #Don'tmiss #EndorLabs #Features #Hotstuff #software #opinion #News #code
-
AI’s impact on the future of web application security https://www.helpnetsecurity.com/2024/11/15/tony-perez-noc-org-web-application-security/ #webapplicationsecurity #incidentresponse #cybersecurity #APIsecurity #monitoring #Don'tmiss #Features #Hotstuff #opinion #News
-
Hello everyone.
In today's article, we examine in detail Wpscan, which is used in WordPress scans: https://denizhalil.com/2024/10/15/wpscan-wordpress-security/
#websecurity #webapplicationsecurity #cybersecurity #ethicalhacking #pentesting #wpscan
-
Web-based PLC malware: A new potential threat to critical infrastructure https://www.helpnetsecurity.com/2024/03/07/web-based-plc-malware/ #webapplicationsecurity #Don'tmiss #ICS/SCADA #Hotstuff #research #malware #News #PLC
-
CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files:
#cve #exploitation #informationsecurity #infosec #vulnerability #webapplicationsecurity
-
"Please provide details to demonstrate that the scanner is able to identify all known web application security vulnerabilities."
I'm still laughing
-
Took my first SANS course last week, SEC542 (Web Application Penetration Testing). I was kind of surprised at how much I already knew, although it certainly broadened my understanding of concepts I’d learned before. And of course there was a lot that was totally new to me.
I’m going through the book now and working on creating an index (tips are appreciated). The book covers a lot of what couldn’t be crammed into 5 days, so I’m excited to dig in a bit deeper. Not sure I’m a fan of the slide deck with notes format but maybe it’ll grow on me.
-
Hey everyone!
I wanted to share some exciting news with you all. Over the past couple of months, I've been dedicated to working on the NodeJS API of @zaproxy. It's incredible to see that despite the API not being updated for the last 4 years, it's been receiving an impressive ±2500 weekly downloads on https://www.npmjs.com/package/zaproxy.
Today, I'm thrilled to announce the release of the major version, 2.0.0-rc.1, of this API. This update brings a plethora of new features, improvements, and fixes that will enhance your experience with @zaproxy.
With this updated API, you can seamlessly integrate the power of @zaproxy into your NodeJS applications. It opens up a world of possibilities, from integrating security in CI/CD pipelines to creating your own automated web scanners with fully customizable configurations.
In the future, I plan to release a blog post that dives into the potential uses of this API, so stay tuned for that.
If you're interested, you can check out the source code here: https://github.com/zaproxy/zap-api-nodejs
Let's make the web a safer place together!
-
🔥⏲️ Fudge Sunday "Take the Bot DataDome" This week we take a look at recent funding for DataDome, related bot management solutions, and the road ahead.
#webapplicationsecurity #webapplicationfirewall #owasp #bots #frauddetection #fraudprevention #ecommerce #botmanagement #secondarymarket #auctions #sneakerhead #mitigation #machinelearning #artificialintelliegence #aiml #newsletter #newsletters
-
The Complete Guide to Web Application Penetration Testing - If you are a Web Security Professional, Web Penetration Tester, or Web Application... - https://readwrite.com/2022/01/02/the-complete-guide-to-web-application-penetration-testing/ #webapplicationpenetrationtesting #penetrationtestingmethodology #bestpracticescybersecurity #webapplicationdevelopment #websecurityprofessional #webapplicationsecurity #webpenetrationtester #penetrationtesting #webapppentesting #dataandsecurity #hack
-
What to Expect from an IT Security Audit - Like all security audits, an IT security audit serves to analyze an organization’s... - https://readwrite.com/2021/07/16/what-to-expect-from-an-it-security-audit/ #bestpracticescybersecurity #webapplicationsecurity #businesscompliance #dataandsecurity #networksecurity #cloudsecurity #itsecurity
-
🚀 Elevate your web application security with our #penetrationtestingchecklist!
💼💻 It can be your toolkit for uncovering and fixing critical security gaps. Ensure your app's strength and maintain user trust - https://bit.ly/3tXXLoG
#pentesting #webapplicationpenetrationtesting #webapplicationsecurity #webvulnerabilities #webapplications #vulnerabilityscanning #webvulnerabilityscanner #indusfacewas #indusface