A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. Now ...

TikTok has patched a reflected XSS security flaw and a bug leading to account takeover impacting the firm's web domain. Reported via the bug bounty platform HackerOne by researcher Muhammed "milly" ...

The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users. Canopy, a parental control app that offers a range of features ...

WordPress announced the 6.5.2 Maintenance and Security Release update that patches a store cross site scripting vulnerability and fixes over a dozen bugs in the core and the block editor. The same ...

A pair of zero-days affecting Pling-based marketplaces could allow for some ugly attacks on unsuspecting Linux enthusiasts — with no patches in sight. An unpatched stored cross-site-scripting (XSS) ...

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks (XSS). The two ...

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...

In today’s digital landscape, web applications are integral to our daily lives, enabling seamless interactions and transactions. However, this increased connectivity also opens the door to potential ...