cognitive cybersecurity intelligence

News and Analysis

Truffle Security relaunches XSS Hunter tool with new features

XSS Hunter, a popular tool for detecting cross-site scripting (XSS) bugs on sites, now belongs to Truffle Security who have launched a new version with enhanced security features. Given that XSS is a frequent vulnerability (about 23% of the bug reports submitted to bug bounty platform HackerOne), the tool’s modifications should mitigate its previous data leakage risks. The new version also supports detection of other vulnerabilities like cross-origin resource sharing (CORS) misconfigurations and scans for source code leaks.

Source: portswigger.net –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Neptune RAT malware targeting Windows users

Neptune RAT malware targeting Windows users

Neptune RAT, a “malware-as-a-service” being sold on platforms such as GitHub and YouTube, poses a major threat to Windows PC users. Capable of hijacking systems,

Cybersecurity experts share how AI could enhance tax-related scams

Cybersecurity experts share how AI could enhance tax-related scams

Cybersecurity experts highlight AI-related threats and provide tips for staying safe during tax season.

PipeMagic Trojan Exploits Windows CLFS Zero-Day Vulnerability to Deploy Ransomware

PipeMagic Trojan Exploits Windows CLFS Zero-Day Vulnerability to Deploy Ransomware

Microsoft reported a now-patched security flaw, CVE-2025-29824, in Windows’ Common Log File System that was exploited in select ransomware attacks against IT and real estate

CISA Warns of CrushFTP Authentication Bypass Vulnerability Exploited in Attacks

CISA Warns of CrushFTP Authentication Bypass Vulnerability Exploited in Attacks

CISA has added a critical authentication bypass vulnerability (CVE-2025-31161) in CrushFTP (versions 10.0.0-10.8.3 and 11.0.0-11.3.0) to its KEV Catalog. With a CVSS score of 9.8,