- Security
- By Catalin Cimpanu
- January 19th, 2016
ASDA Supermarket Exposed Customer Details for Almost Two Years
Supermarket chain takes forever to fix XSS and CSRF bugs
- Security
- By Catalin Cimpanu
- January 19th, 2016
Yahoo Fixes Bug That Could Compromise Email Accounts When Opening an Email
Infosec researcher pockets $10,000 for his work
- Security
- By Catalin Cimpanu
- January 14th, 2016
Infographic: The Five Stages of a Web Attack
An intro to the five stages of a Web attack
- Security
- By Catalin Cimpanu
- January 13th, 2016
Three XSS Bugs Found on Mozilla's Add-ons and Support Portals
Security researcher gets $2,500 for his effort
- Security
- By Catalin Cimpanu
- January 12th, 2016
eBay Bug Allows Hackers to Steal User Passwords
eBay XSS bug twice as dangerous if used in phishing scams
- Security
- By Catalin Cimpanu
- December 29th, 2015
AVG Forcibly Installs Vulnerable Chrome Extension That Exposes Users' Browsing History
AVG installs poorly written Chrome extension
- Digital Rights/Piracy
- By Catalin Cimpanu
- December 21st, 2015
1337x Admin Ignores Account Hijacking Issue, Staff Leaves Torrent Portal
Drama in the pirating community as mods leave popular 1337x torrent portal and create their own clone
- Security
- By Catalin Cimpanu
- December 8th, 2015
Script Kiddies Can Now Launch XSS Attacks Against IoT Wind Turbines
More security bugs continue to surface in IoT devices
- Security Blog
- By Catalin Cimpanu
- November 27th, 2015
Google Translate Website Affected by XSS Bug, Google Says It's OK
The bug is in the website's "translate a document" feature
- Security Fixes and Improvements
- By Catalin Cimpanu
- November 18th, 2015
XSS Vulnerability Fixed in the WordPress WooCommerce Plugin
Hard to exploit, but a bountiful bug for hackers
- Security
- By Catalin Cimpanu
- November 13th, 2015
2015: WordPress Sites Saw a 250 Percent Rise in Attacks
Healthcare sector was also hit hard by hackers
- Security
- By Catalin Cimpanu
- November 9th, 2015
Buggy Analytics Code Exposes NBC, NFL Sites to XSS
ECMAScript 6 exposes sites to new XSS attack vectors
- Security Blog
- By Catalin Cimpanu
- November 3rd, 2015
The Telegraph and Daily Mail Fix XSS Vulnerabilities
A third unauthorized redirect issue is still present
- Security Fixes and Improvements
- By Catalin Cimpanu
- October 31st, 2015
XSS Vulnerability in Mantis Bug Tracker Puts Corporate 0Day Bugs at Risk
Mantis team fixes dangerous reflected XSS flaw
- Security
- By Catalin Cimpanu
- October 30th, 2015
It Took a Security Researcher 2 Minutes to Find an XSS Bug on YouTube Gaming
Researcher receives $3,000 for his efforts from Google
- Security Fixes and Improvements
- By Catalin Cimpanu
- October 28th, 2015
Oracle EBS Fixed Against XSS, XXE, and SQL Injection Vulnerabilities
Attackers could gain admin rights over EBS applications
- Security
- By Catalin Cimpanu
- October 17th, 2015
XSS Bug Fixed in Akismet Anti-Spam WordPress Plugin
Automattic also sets up a protection system for older plugin versions, where the admin forgot to upgrade it