Browser

A sophisticated credential theft technique, identified as T1555.003 in the MITRE ATT&CK framework, has emerged as a significant threat to organizations worldwide.  This technique enables adversaries to extract usernames and passwords directly from web browsers,...

The Tor Project has issued an emergency update for Windows users on March 27, 2025, releasing Tor Browser 14.0.8 with critical security patches.  This Windows-only release addresses "very urgent" security vulnerabilities in Firefox, the browser...

Cloudflare has unveiled a clientless, browser-based Remote Desktop Protocol (RDP) solution, expanding its Zero Trust Network Access (ZTNA) capabilities for secure Windows server access. This new offering, which follows the October 2024 release of short-lived...

The Tor Project has officially launched Tor Browser 14.0.6, addressing a critical crash issue affecting users on older macOS systems. This latest update incorporates several technical improvements, ensuring enhanced stability and performance across platforms. Tor Browser...

A Cross-Site Scripting (XSS) vulnerability has been identified in the TP-Link Archer A20 v3 router, specifically in firmware version 1.0.6 Build 20231011 rel.85717(5553).  The issue stems from improper handling of directory listing paths on the...

PortSwigger has released Burp Suite 2025.1, introducing several new features and improvements aimed at enhancing the tool's usability and efficiency for penetration testers.  This update includes significant advancements in the Burp Intruder module, HTTP response...

A recently identified vulnerability in the Brave browser has raised significant security concerns for its users. The issue, tracked as CVE-2025-23086, affects desktop versions of Brave from 1.70.x to 1.73.x.  It involves a flaw in...