XSS

Russia-linked hackers target webmail servers in Ukraine-related espionage operation

APT, cyber espionage, email security, ESET, News, Russian Federation, XSS /

Russia-linked hackers target webmail servers in Ukraine-related espionage operation 2025-05-15 at 12:01 By Help Net Security ESET researchers have uncovered RoundPress, a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities. Behind it is most likely the Russia-aligned Sednit (also known as Fancy Bear or APT28) cyberespionage group, holding the ultimate goal of stealing confidential […]

React to this headline:

Loading spinner

Russia-linked hackers target webmail servers in Ukraine-related espionage operation Read More »

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw

exploited, Krpano, vr, Vulnerabilities, XSS /

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw 2025-02-27 at 15:22 By Eduard Kovacs The websites of dozens of major private and government organizations have been abused in a massive spam campaign that involves exploitation of a vulnerability affecting widely used virtual tour software. The attacks were observed recently by

React to this headline:

Loading spinner

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw Read More »

Dalfox: Open-source XSS scanner

Don't miss, GitHub, News, open source, penetration testing, scanning, software, XSS /

Dalfox: Open-source XSS scanner 2025-02-26 at 08:20 By Mirko Zorz DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its speed and ability to easily

React to this headline:

Loading spinner

Dalfox: Open-source XSS scanner Read More »

CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities

CISA, Government, secure by design, Vulnerabilities, XSS /

CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities 2024-09-18 at 15:31 By Ionut Arghire CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them. The post CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities Read More »

Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw

Application Security, Featured, OAuth, Vulnerabilities, XSS /

Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw 2024-07-29 at 15:16 By Kevin Townsend Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world. The post Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw Read More »

ResumeLooters target job search sites in extensive data heist

cybercrime, cybersecurity, Group-IB, News, security assessment, SQL injection, XSS /

ResumeLooters target job search sites in extensive data heist 2024-02-06 at 12:47 By Help Net Security Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. The group, dubbed ResumeLooters, successfully infected at least 65 websites between November and December 2023 through SQL injection and XSS

React to this headline:

Loading spinner

ResumeLooters target job search sites in extensive data heist Read More »

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery

Azure, cloud security, Vulnerabilities, XSS /

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery 14/09/2023 at 16:18 By Ionut Arghire Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery. The post Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery Read More »

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability

Lemmy, Vulnerabilities, XSS /

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability 14/07/2023 at 14:34 By Eduard Kovacs Several instances of the Reddit alternative Lemmy were hacked in recent days by attackers who had exploited a zero-day vulnerability. The post Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability Read More »

Scroll to Top