The team behind Exploit, a major cybercrime forum used by ransomware gangs to hire affiliates and advertise their Ransomware-as-a-Service (RaaS) services, has announced that ransomware ads are now...
Engineers at Google, Mozilla, and security firm Cure53 have come together to develop an application programming interface (API) that provides a systematic solution to HTML sanitization....
An established organized crime group has switched tactics by launching attacks on e-commerce stores that leverage cross-site scripting (XSS) exploits instead of traditional phishing lures. The group, dubbed...
A severe cross-site scripting (XSS) vulnerability impacting pfSense software has been patched by the vendor. Netgate solutions’ pfSense software is an open source offering based on FreeBSD for firewalling and...
Security researchers have managed to chain together a pair of vulnerabilities that might, with difficulty, have created a way to take over boards running the popular...
UPDATED DuckDuckGo has fixed a universal cross-site scripting (uXSS) flaw in a popular browser extension for Chrome and Firefox. The vulnerability was discovered in DuckDuckGo Privacy Essentials, which blocks...
A bug bounty hunter claims he has earned a $5,000 reward from Apple for reporting a stored cross-site scripting (XSS) vulnerability on iCloud.com. Vishal Bharad, a...
The vulnerability could have been exploited to access any account on the site including the Chess.com administrator account. An IT security researcher identified a critical set...
PayPal has patched a cross-site scripting – or XSS – vulnerability in its currency conversion endpoint that, if exploited, could enable malicious JavaScript injection. The PayPal vulnerability...
The NextGen Gallery development team has addressed two severe CSRF vulnerabilities to protect sites from potential takeover attacks. NextGen Gallery, a WordPress plugin used for creating...
Recent Comments