Security News

A change made several months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search and likely other Google products. read more

Researchers have offered more detail on a recently patched vulnerability that would allow an attacker to take over a WordPress site.

Not on 5.1.1? You should be A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or...

A researcher says he has discovered yet another critical cross-site scripting (XSS) vulnerability in Yahoo Mail. The recently patched flaw could have been exploited to steal the targeted user’s...

Online-note-sharing company Evernote has patched a hole that allowed attackers to infect notes shared via its service.

The patch for a recently disclosed cross-site scripting (XSS) vulnerability in Branch.io introduced another similar flaw, a security researcher revealed last week. read more

Hundreds of millions of users may have been exposed to cross-site scripting (XSS) attacks due to a vulnerability present in Branch.io, a service used by Tinder, Shopify, Yelp and many others. read more

D-Link has released patches for several remote code execution and cross-site scripting (XSS) vulnerabilities found by researchers in the company's Central WiFiManager access point management tool....

Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities.

We're secure, says bank A pair of IT workers have criticised banks within the Lloyds Banking Group (LBG) for sub-standard security. The group denies anything is amiss, maintaining it follows...