News

Bad news - your web firewall may definitely not be as resilient as you may have thought

Configuration oversights can still be leveraged in attacks - despite costly WAFs protecting the infrastructure.
Bleeping Computer4y

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents.
Searchenginejournal.com3y

WordPress Stored XSS Vulnerability – Update Now

Stored XSS Vulnerability discovered in WordPress can lead to full site takeover by hackers ...
Threat Post12y

PayPal Site Vulnerable to XSS Attack - Threatpost

PayPal is vulnerable to an XSS attack that a security researcher named Robert Klugler discovered.
Infosecurity-magazine.com14y

Twitter hit by XSS attack - Infosecurity Magazine

Numerous security vendors confirmed the XSS attack, including Sean-Paul Correll at Panda Labs. “This particular vulnerability took advantage of the onmouseover function in JavaScript, which works by ...
ZDNet10y

Netflix Sleepy Puppy XSS flaw detection tool goes open source

The XSS flaw detection tool also makes use of Python 2.7 with Flask, SQLAlchemy with configurable backend storage, the Ace Javascript editor and Html2Canvas JavaScript for screenshot capture, as ...
Business Insider13y

Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions ...

Cross-site scripting flaws occur when an attacker can send a malicious script to a different user exploiting improperly terminated JavaScript. XSS flaws allow an attacker to place malicious code ...