- Security
- By Catalin Cimpanu
- May 26th, 2016
Hackers Prefer File Upload, XSS, and SQLi Bugs When Attacking WordPress Sites
Infocus2 is the most attacked WordPress theme
- Security
- By Catalin Cimpanu
- May 17th, 2016
Researcher Wins $5,000 for Finding XSS Bug on Google in Most Peculiar Manner
Google fixes dormant XSS issue in Cloud Console dashboard
- Security Fixes and Improvements
- By Catalin Cimpanu
- May 7th, 2016
WordPress 4.5.2 Released to Fix XSS and SOME Security Bugs
Both flaws are in third-party components
- Security Fixes and Improvements
- By Catalin Cimpanu
- May 3rd, 2016
Stored XSS Bug Affects All bbPress WordPress Forum Versions
Attackers can gain control of the website by stealing cookies and impersonating admins or moderators
- Security
- By Catalin Cimpanu
- April 16th, 2016
Researcher Identifies XSS Filter Bypass in Microsoft Edge
The issue is not fixed, Microsoft still working on it
- Security
- By Catalin Cimpanu
- April 13th, 2016
Google Fixes XSS Bug in Account Recovery Procedure
Attackers could take over any Google account they wanted
- Security
- By Catalin Cimpanu
- April 11th, 2016
Bug in OS X Messages App Lets Attackers Steal Your Chat History
Don't worry, Apple's precious crypto is fine
- Security
- By Catalin Cimpanu
- March 31st, 2016
XSS and CSRF Bugs in Steam Dev Panel Let Anyone Be a Valve Admin
Valve admins had better watch their cookies!
- Security
- By Catalin Cimpanu
- March 27th, 2016
WordPress Attacked 3.5 Times More Often than Non-CMS Sites
SQL injection attacks grew 3 times year-to-year in H1 2015
- Security
- By Catalin Cimpanu
- March 4th, 2016
XSS on Fortinet's Login Page Let Attackers Log Passwords in Cleartext
Just the bug nation-state actors were looking for
- Security
- By Catalin Cimpanu
- March 3rd, 2016
Ad Code for Many Advertising Networks Vulnerable to Basic XSS Attacks
XSS payload jumps across pages via ad code
- Security
- By Catalin Cimpanu
- February 28th, 2016
One in Ten Top Internet Sites May Be Vulnerable to CSRF and XSS Attacks
CloudFlare researchers find that 10% of Alexa Top 1 Million sites use improper CORS security settings
- Security
- By Catalin Cimpanu
- February 27th, 2016
The Most Common Vulnerabilities in Open Source Web Applications Are XSS and SQLi
Remote and Local File Inclusion vulnerabilities ranked third
- Security
- By Catalin Cimpanu
- February 19th, 2016
JSF*** eBay XSS Bug Exploited in the Wild, Despite the Company's Fix
Attackers exploit eBay's lackluster security policy
- Security
- By Catalin Cimpanu
- February 12th, 2016
Torrents Time Plugin Plagued by Security Issues, Pirate Bay & KAT Users at Risk UPDATE
The honeymoon is over, and the ground-breaking browser torrenting technology is a security and user privacy disaster
- Security
- By Catalin Cimpanu
- January 28th, 2016
Facebook Patches Critical XSS Bug That Led to Total Account Compromise
Facebook patched the issue in about six hours
- Security Fixes and Improvements
- By Catalin Cimpanu
- January 24th, 2016
XSS Bug in Magento Allows Attackers to Take Over Online Shops
The malicious code can be stored inside email address fields, and then executed in the Magento backend