Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. Defending against them can be relatively easy.

An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.

A server-side request forgery (SSRF) flaw in an API of a large financial technology (fintech) platform potentially could have compromised millions of bank customers, allowing attackers to defraud ...

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.

Exploitation combines two weaknesses “Exploitation for this campaign is a combination of CWE-200: Exposure of Sensitive Information to an Unauthorized Actor, and CWE-918: Server-Side Request ...

On Monday, a former Amazon employee was arrested and charged with stealing more than 100 million consumer applications for credit from Capital One. Since then, many have speculated the breach was ...

In its blog post, Microsoft said an investigation concluded that the four SSRF vulnerabilities were “low risk” and that they “could not be used to access metadata, connect to internal ...