News

Bad news - your web firewall may definitely not be as resilient as you may have thought

Configuration oversights can still be leveraged in attacks - despite costly WAFs protecting the infrastructure.
Bleeping Computer4y

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents.
ZDNet10y

Netflix Sleepy Puppy XSS flaw detection tool goes open source

The XSS flaw detection tool also makes use of Python 2.7 with Flask, SQLAlchemy with configurable backend storage, the Ace Javascript editor and Html2Canvas JavaScript for screenshot capture, as ...
Business Insider13y

Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions ...

Cross-site scripting flaws occur when an attacker can send a malicious script to a different user exploiting improperly terminated JavaScript. XSS flaws allow an attacker to place malicious code ...