Security News

WordPress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities (Threatpost)
2017-01-12 17:38

A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs.

Yahoo Mail XSS Bug Worth Another $10K to Researcher (Threatpost)
2016-12-09 13:00

Finnish security researcher Jouko Pynnonen found a second stored cross-site scripting vulnerability in Yahoo Mail in less than a year, both of which earned him $10,000 bug bounties.

Google tackles XSS scripting flaws with new developer tools (ZDNet)
2016-09-28 08:36

Google Releases New XSS Prevention Tools (SecurityWeek)
2016-09-27 17:36

Google tries to cross out XSS attacks by releasing its own test tool (The Register)
2016-09-27 08:06

Restriction Bypass, XSS Flaws Patched in Drupal 8 (SecurityWeek)
2016-09-22 11:05

Researcher reports XSS hole in Google France (The Register)
2016-09-14 04:49

WordPress Flaw Allows XSS Attack via Image Filenames (SecurityWeek)
2016-09-08 17:18

WordPress Update Resolves XSS, Path Traversal Vulnerabilities (Threatpost)
2016-09-08 16:23

Developers with WordPress are strongly encouraging users of the content management system to update to the most recent version, 4.6.1, released on Wednesday.

XSS flaw in D-Link NAS devices allows attackers to mess with your data (Help Net Security)
2016-08-29 19:26

Security researcher Benjamin Daniel Mussler has unearthed an XSS flaw affecting seven D-Link NAS devices – a flaw which could allow attackers to access the devices and peruse and change the stored...