- Security
- By Sergiu Gatlan
- December 13th, 2018
Samsung Patches CSRF Issues That Could Allow Hackers to Take Over User Accounts
The researcher who found the bugs got a $13,300 bounty
- Security
- By Sergiu Gatlan
- December 12th, 2018
phpMyAdmin Fixes Severe Local File Inclusion Vulnerability
XSRF/CSRF and XSS security issues also patched
- Security
- By Sergiu Gatlan
- December 11th, 2018
Novidade Exploit Kit Actively Targeting SOHO and Home Routers
Malware campaign uses CSRF to change routers' DNS settings
- Security
- By Sergiu Gatlan
- November 13th, 2018
Fixed Facebook Privacy Bug Could Have Allowed Bad Actors to Steal Personal Info
Security issue resided in iframe used for internal tracking
- Security Fixes and Improvements
- By Catalin Cimpanu
- September 21st, 2016
Security Bug Lets Hackers Steal Monero, Today's 2nd Most Popular Cryptocurrency
Despite fix, many Monero wallets remain vulnerable
- Security Fixes and Improvements
- By Catalin Cimpanu
- September 1st, 2016
Vulnerability in Yandex Browser Allows Attackers to Steal Victims' Browsing Data
Vulnerability is easy to exploit, hard to spot
- Security
- By Catalin Cimpanu
- March 31st, 2016
XSS and CSRF Bugs in Steam Dev Panel Let Anyone Be a Valve Admin
Valve admins had better watch their cookies!
- Security Blog
- By Catalin Cimpanu
- March 20th, 2016
Infographic: How CSRF Attacks Work
CSRF is more dangerous than many people think
- Security
- By Catalin Cimpanu
- February 28th, 2016
One in Ten Top Internet Sites May Be Vulnerable to CSRF and XSS Attacks
CloudFlare researchers finds that 10% of Alexa Top 1 Million sites use improper CORS security settings
- Security
- By Catalin Cimpanu
- February 27th, 2016
The Most Common Vulnerabilities in Open Source Web Applications Are XSS and SQLi
Remote and Local File Inclusion vulnerabilities ranked third
- Security
- By Catalin Cimpanu
- January 19th, 2016
ASDA Supermarket Exposed Customer Details for Almost Two Years
Supermarket chain takes forever to fix XSS and CSRF bugs
- Security
- By Catalin Cimpanu
- January 14th, 2016
Infographic: The Five Stages of a Web Attack
An intro into the five stages of a Web attack
- Security
- By Catalin Cimpanu
- January 11th, 2016
CSRF Bug in Verizon's API Left My FiOS Accounts Open to Attacks
API used a simple authentication scheme, exposing users to CSRF attacks that allowed third-parties to hijack accounts
- Security Fixes and Improvements
- By Catalin Cimpanu
- November 13th, 2015
Spring Social Library Grants Attackers Access to Your Private Accounts
CSRF attack caused by anti-CSRF protection system
- Security
- By Catalin Cimpanu
- October 8th, 2015
Huawei 3G Router Goes Unnoticed All These Years Sporting XSS, CSRF, and DoS Bugs
Huawei's B260A 3G router was a complete mess
- Security
- By Catalin Cimpanu
- October 4th, 2015
Insecure Flash Cross-Domain Policies Expose Users to Abuse on One in Ten Websites
968 websites in the Alexa top 10,000 are vulnerable
- Security
- By Catalin Cimpanu
- September 22nd, 2015
Western Digital My Cloud Devices Can Be Hacked by Local or Remote Attackers
Security researchers find CSRF and code injection flaws