A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...

Researchers have built a tool that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications. The so-called Ardilla tool uses a technique developed by ...

A popular WordPress anti-malware plugin was discovered to have a reflected cross-site scripting vulnerability. This is a type of vulnerability that can allow an attacker to compromise an administrator ...

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. Now ...

The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users. Canopy, a parental control app that offers a range of features ...

A pair of zero-days affecting Pling-based marketplaces could allow for some ugly attacks on unsuspecting Linux enthusiasts — with no patches in sight. An unpatched stored cross-site-scripting (XSS) ...

In today’s digital landscape, web applications are integral to our daily lives, enabling seamless interactions and transactions. However, this increased connectivity also opens the door to potential ...

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS). The two ...