Security News

PayPal Fixes CSRF Vulnerability in PayPal.me (Threatpost)
2016-07-22 17:33

PayPal recently fixed a vulnerability on its PayPal.me site that could've let an attacker change a user's profile without their permission.

Magento Update Addresses XSS, CSRF Vulnerabilities (Threatpost)
2016-01-25 21:31

Magento patched 20 flaws last week, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site.

CSRF Flaw Patched in Popular Spring Social Core Library (Threatpost)
2015-11-13 16:08

Spring Social, a popular Java library used for social authentication, patched a risky cross-site request forgery vulnerability.