Security News

D-Link has released patches for several remote code execution and cross-site scripting (XSS) vulnerabilities found by researchers in the company's Central WiFiManager access point management tool....

Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities.

We're secure, says bank A pair of IT workers have criticised banks within the Lloyds Banking Group (LBG) for sub-standard security. The group denies anything is amiss, maintaining it follows...

Researchers have discovered a serious cross-site scripting (XSS) vulnerability affecting all desktop versions of Edward Snowden’s favourite security application, Signal.

Attacker could skip past developer protections and get nasty Electron developers need to check their apps, after a security researcher turned up a remote code execution bug in the framework.…

Drupal has patched several vulnerabilities – both moderately critical and critical – in two versions of its content management system platform.

One SQL injection and three cross-site scripting (XSS) vulnerabilities have been patched with the release of Joomla 3.8.4 last week. The latest version of the open-source content management system...

Google has warned DoubleClick customers that some of the files provided by third-party vendors through its advertising platform can introduce cross-site scripting (XSS) vulnerabilities. read more

Mozilla this week announced plans to boost the Cross-Site-Scripting (XSS) protections in Firefox by treating data URLs as unique origin. read more

Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin.