- Incidents
- By Lucian Constantin
- July 22nd, 2009
MI5 and WHO Websites Compromised
Vulnerable to cross-site scripting attacks
- Security Fixes and Improvements
- By Lucian Constantin
- June 24th, 2009
New Mozilla Technology to Mitigate Cross-Site Scripting
The Content Security Policy specification allows websites to tell browsers what to trust
- Hacking News
- By Lucian Constantin
- June 5th, 2009
Webmail Service CEO: Hack My E-mail, Get $10,000
Security researchers: Done
- Incidents
- By Lucian Constantin
- May 27th, 2009
Multiple Visa Websites XSSed
The vulnerabilities could facilitate phishing attacks
- Hacking News
- By Lucian Constantin
- May 23rd, 2009
RBS WorldPay Website Vulnerable to Phishing Attacks
XSS weakness allows arbitrary IFrame injection
- Incidents
- By Lucian Constantin
- May 21st, 2009
U.S. Bank and Bank of America Websites Vulnerable
XSS vulnerabilities facilitate phishing attacks
- Incidents
- By Lucian Constantin
- May 18th, 2009
The Website of the International Federation of the Phonographic Industry XSSed
Websites using the Sage Pay payment service provider are also affected, hacker claims
- Security
- By Lucian Constantin
- May 14th, 2009
Adobe Vulnerable to XSS Because of Buggy Flash Files
Hundreds of thousands of other websites are also affected
- Incidents
- By Lucian Constantin
- May 13th, 2009
PayPal Registration Page XSSed
Rogue IFrame injected into the registration form
- Hacking News
- By Lucian Constantin
- May 13th, 2009
Universal Google Cross-Site Scripting Flaw Discovered
Putting most of a user's Google-hosted assets at risk
- Incidents
- By Lucian Constantin
- May 11th, 2009
Multiple Antivirus Websites XSSed in One Hit
They are operated by Symantec, Kaspersky, AVG, ESET, F-Secure and Trend Micro
- Incidents
- By Lucian Constantin
- May 6th, 2009
Multiple MPAA and RIAA Websites XSSed
Movie ratings can be altered and other rogue content loaded
- Incidents
- By Lucian Constantin
- May 4th, 2009
McAfee Websites Vulnerable to Attacks
Due to several cross-site scripting weaknesses
- Incidents
- By Lucian Constantin
- May 4th, 2009
The Pirate Bay Torrents Listing on the MPAA Website
The result of a proof-of-concept frame injection attack
- Incidents
- By Lucian Constantin
- April 16th, 2009
Symantec and Kaspersky Websites XSSed
New cross-site scripting weaknesses discovered in the websites of the two AV vendors
- Incidents
- By Lucian Constantin
- April 14th, 2009
Mikeyy's Worms Hit Twitter for the Fourth Time
The service's staff has trouble keeping up with all the XSS weaknesses
- Incidents
- By Lucian Constantin
- April 13th, 2009
Twitter Hit Three Times by Worms During the Weekend
Cross-site scripting flaws used for propagation