Glassdoor, a website for job hunting and posting anonymous company reviews, has resolved a critical issue that could be exploited to take over accounts. Bug bounty researcher "Tabahi" (ta8ahi) found ...

Long after CVEs issued and open source flaws fixed Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a ...

No stranger to the malevolent efforts of cybercriminals, PayPal is now offering financial rewards to researchers who find and report security bugs to the site's administrators. Michael Barrett, PayPal ...

The Chinese ISP has expanded its program via HackerOne. The Tencent Security Response Center (TSRC) is launching an expanded bug-bounty program, via the HackerOne white-hat platform – and the company ...

If you think Cross-Site Request Forgery (CSRF) vulnerabilities aren't easy to find or exploit on your Website, think again. A researcher has released a tool that makes it easier to test sites for CSRF ...

The move is a distinct change in direction for the app, which has been criticized and even banned for its security practices. TikTok has expanded its vulnerability disclosure policy to include a ...

Breakthroughs, discoveries, and DIY tips sent every weekday. Terms of Service and Privacy Policy. The year was 2016, and Hack the Pentagon had just become the federal ...

HackerOne, a company that hosts bug bounty programs for some of the world's largest companies, has published today its ranking for the Top 10 most successful programs hosted on its platform. The ...

A security researcher from India was awarded $5,000 from Apple via its bug bounty program, after discovering a cross-site scripting (XSS) flaw in iCloud. Since the discovery of the issue, Apple has ...

Healthcare security teams are under intense pressure to secure their environments from a growing number of threats. Teams are often understaffed, constantly catching up with an onslaught of threats ...