Admins of thousands of websites are waiting for the update launching According to reports of specialists in digital forensics from the International Institute of Cyber Security, the administrators ofRead More →
Security bugs could expose details about drone owners Researchers at a cybersecurity and digital forensics firm identified a couple vulnerabilities in the website and apps of the popular drone manufacturerRead More →
The flaws could allow code execution Ethical hacking specialists have recently published a vulnerability report jointly with the enterprise systems monitoring software provider Opsview. The publication is related to five vulnerabilities in theRead More →
Researchers have discovered countless zero-day vulnerabilities that can be used to disrupt critical systems Experts in enterprise network security from the International Institute of Cyber Security reported the finding ofRead More →
On a recent engagement, our testers were faced with a single page web application which was used to generate PDF documents. This web application contained a multi-step form that ultimatelyRead More →
This is the story of how I found and exploited XSS (content injection) in the pgAdmin4 1.3 desktop client. (Before I get too much further if you use pgAdmin 4Read More →
Google says it paid over $1.2 million just for XSS bugs. Google released two new tools called CSP Evaluator and CSP Mitigator that help security researchers identify weaknesses that areRead More →
The security expert Issam Rabhi (@issam_rabhi) has discovered a cross-site scripting vulnerability in Google France. The giant already fixed it. A security expert from French security outfit Sysdream, Issam RabhiRead More →
WordPress is a free, open source content management system (CMS) for creating websites, and is considered to be the most popular blogging system in use. WordPress’ appeal to website developers stems from itsRead More →
A critical bug on eBay’s website opened the door for malicious hackers to create fake login pages to steal passwords and harvest credentials. An independent security researcher found the flawRead More →
Developers at LinkedIn fixed a persistent cross site scripting vulnerability in the social network this week that could have been exploited to spread a worm on the service’s help forums.Read More →
Developers at Automattic, the parent company behind the blogging platform WordPress, fixed a nasty stored cross-site scripting error this week in Akismet, an anti-spam plugin that figures into millions ofRead More →
Researcher finds reflected XSS bug in Drupal 8.Drupal 8 isn’t even out yet but security experts have been hard at work auditing the code and reporting security bugs, helping theRead More →
After a few critical bugs were recently discovered and patched in the core WordPress engine—a rarity with WordPress-related security issues—order has apparently been restored with the discovery of a criticalRead More →
Most automated scanning and security tools that ferret out cross-site scripting vulnerabilities don’t do much analysis beyond the target application. Netflix this week, however, released to open source a toolRead More →
A stored XSS vulnerability was identified and reported by Bitdefender’s staff to PayPal, one that could have been easily used by hackers as an entry point for further attacks. WeRead More →
