- Security Fixes and Improvements
- By Ionut Ilascu
- May 13th, 2015
WSO2 Identity Server Vulnerable to XSS and CSRF Attacks
Proof-of-concept exploit code published for each issue
- Security
- By Ionut Ilascu
- May 7th, 2015
WordPress 4.2.2 Fixes DOM-Based XSS Bug Affecting Millions of Websites
Flaw can be repaired manually, bug is exploited in the wild
- Security
- By Ionut Ilascu
- May 6th, 2015
Millions of WordPress Websites Susceptible to Hijack Attacks
Attacks recorded before the disclosure of the vulnerability
- Security
- By Ionut Ilascu
- April 29th, 2015
Stored XSS Bug in eBay Messages Still Unpatched a Year After Reporting, PoC Available
Company refuses to offer the researcher info on glitch fix
- Security Fixes and Improvements
- By Ionut Ilascu
- April 28th, 2015
WordPress 4.2.1 Patches Zero-Day Affecting All Previous Versions
Updating should be at the top of the priority list
- Security
- By Ionut Ilascu
- April 27th, 2015
WordPress 4.2 Affected by Zero-Day Stored XSS, PoC Available (Updated)
Most popular WordPress versions are currently affected
- Security
- By Ionut Ilascu
- April 25th, 2015
Google Analytics by Yoast Security Patch Fixes Stored XSS
Yoast downplays severity of its Google Analytics update
- Security Fixes and Improvements
- By Ionut Ilascu
- April 22nd, 2015
WordPress 4.1.2 Fixes Critical XSS Flaw
Developers address multiple security problems
- Security
- By Ionut Ilascu
- April 21st, 2015
Highly Popular WordPress Plugins Vulnerable to XSS Attacks
Admins should update all WordPress components
- Security
- By Ionut Ilascu
- April 9th, 2015
Multiple Flaws Found in Motorola’s Surfboard SBG6580 Cable Modem
Attack exploits backdoor support account, CSRF and XSS flaws
- Security Fixes and Improvements
- By Ionut Ilascu
- April 8th, 2015
Stored XSS Glitch in WP-Super-Cache May Affect over 1 Million WordPress Sites
Attackers can gain complete control of the website
- Security Fixes and Improvements
- By Ionut Ilascu
- March 20th, 2015
Stored XSS Found in Yoast’s Google Analytics for WordPress
Non-severe issues, can be exploited via targeted attacks
- Advisories
- By Ionut Ilascu
- February 12th, 2015
Over 60% of Popular Android Mobile Dating Apps Are Vulnerable
Seeking romance can lead to courting from crooks
- Advisories
- By Ionut Ilascu
- February 11th, 2015
XFO Flaw in Play Store Web App Domain Allows Remote Code Execution
Android JellyBean and earlier are affected
- Security
- By Ionut Ilascu
- February 3rd, 2015
Almost All About.com Links Vulnerable to XSS, XFS Attacks
Researcher created his own tool to test the links
- Advisories
- By Ionut Ilascu
- February 3rd, 2015
Same-Origin Policy Bypassed in Internet Explorer (Updated)
Proof-of-concept works with the latest builds of the browser
- Security Fixes and Improvements
- By Ionut Ilascu
- January 23rd, 2015
Google Apps Admin Panel Falls for XSS, Issue Researcher Gets $5,000
Glitch allowed password change, disabling 2FA