Researchers will demonstrate a lethal combination of cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks tomorrow at Black Hat Europe in Amsterdam. The goal is to show the danger ...

A handful of vulnerabilities have been identified in WSO2 Identity Server that could lead to takeover, firewall bypass, and potentially open subsequent internal servers up to further attacks. A ...

Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According to HackerOne’s top 10 most impactful security vulnerabilities, ...

Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. Magento patched 20 vulnerabilities last week, ...

The high-profile attack that hit the Twitter website early this morning and affected tens to hundreds of thousands of Twitter users serves as a reminder of just how the pervasive but often-dismissed ...

The U.S. Government National Vulnerability Database published warnings of multiple vulnerabilities affecting WordPress. There are multiple kinds of vulnerabilities affecting WordPress, including a ...

Cross-site Scripting (XSS) attacks are becoming more and more popular amongst hackers. Between Q2 2012 and Q3 2012, the attack type has increased by an estimated 69 percent, according to secure cloud ...

The Ninja Forms WordPress plugin harbored a severe security flaw that could be used for website takeover through the creation of new administrator accounts. Ninja Forms is a drag-and-drop contact form ...

It’s common knowledge that images make webpages, email footers and other similar elements more presentable and attractive. But a simple image containing a malicious link can be a serious threat. For ...