News

Computerworld

How to defeat the new No. 1 security threat: cross-site scripting

Cross-site scripting, often abbreviated XSS, is a class of Web security issues. A recent research report stated that XSS is now the top security risk. In a typical XSS scenario, a Web page might use ...
Cybernews

Flaw at major enterprise chatbot maker leads to cookie theft

Yellow.ai's customer service chatbot had a major security flaw that enabled cookie theft and account hijacking. The issue has ...
Bleeping Computer

Joomla fixes XSS flaws that could expose sites to RCE attacks

Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on vulnerable websites. The vendor has addressed the security issues ...
ZDNet

Simple eBay security flaw exposed millions of users to spear phishing campaigns

EBay has patched a severe XSS security vulnerability which exposed potentially millions of users to phishing campaigns and subsequent data theft. Despite being informed of the bug privately, the ...
Threat Post

Unpatched Vulnerability on Wix.com Puts Millions of Sites at Risk

Wix websites are vulnerable to reflective DOM cross-site scripting attack that could give attackers control of user’s websites. Update Cloud-based web host Wix.com is vulnerable to a DOM-based ...