Even the most trustworthy-looking website could trick you into giving up personal details through cross-site scripting. Here's what you need to know about XSS attacks ...

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...

In cyber security, attention is concentrated on the new -- zero-day exploits, for example, are big news and big business. But old threats can still cause big problems for organizations, even when the ...

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. Now ...

First disclosed on February 19, 2020, by a bug bounty hunter who goes by the name "Cr33pb0y" on HackerOne, the vulnerability is described as a "reflected XSS and CSP bypass" issue. The bug was found ...

What would the perfect phishing attack from a social engineering perspective? The one that compared to using typosquatted domains impersonating the bank's web application directory structure is in ...

The teen, identified as Pearce Delphin, 17, detected the cross-site scripting (XSS) flaw which allowed JavaScript code to appear as plain text in tweets that could then be launched on the browsers of ...

A recently added protection mechanism in IE8, intended to protect websites from cross-site scripting attacks, has ironically been revealed to contain a design flaw that would potentially allow the ...

Adobe released an important security hotfix for several versions of Coldfusion, resolving two bugs, Tuesday morning. Adobe today released an important security hotfix for several versions of its ...