#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

AliExpress | Breaking Cybersecurity News | The Hacker News

Category — AliExpress
Alibaba Marketplace Vulnerability Puts Millions Of Shoppers at Risk

Alibaba Marketplace Vulnerability Puts Millions Of Shoppers at Risk

Dec 12, 2014
Alibaba Group has patched a major security vulnerability in one of its e-commerce portals that exposed account details of tens of millions of Merchants and shoppers to cyber criminals. An Israeli application security firm, AppSec Labs, found a Cross site scripting (XSS) vulnerability in AliExpress, the company's English language e-commerce site that was found vulnerable to similar flaw a week ago that compromised personal information of Alibaba customers. The flaw was fixed shortly after Cybermoon security firm disclosed it to Alibaba. AliExpress is an online marketplace owned by Chinese E-Commerce giant Alibaba.com, also known as Google of China. The company serves more than 300 Million active users from more than 200 countries including the U.S., Russia and Brazil. But the critical vulnerability found by the researcher could allow an attacker to hijack merchant's account. Using AliExpress XSS vulnerability an attacker can inject any malicious payload script as v...
AliExpress WebSite Vulnerability Exposes Millions of Users' Private Information

AliExpress WebSite Vulnerability Exposes Millions of Users' Private Information

Dec 08, 2014
A critical, but easily exploitable personal information disclosure vulnerability has been discovered in the widely popular online marketplace AliExpress website that affects its millions of users worldwide. The reported vulnerability could allow anyone to steal personal information of hundreds of millions of AliExpress users without knowing their account passwords. AliExpress is an online marketplace owned by Chinese E-Commerce giant Alibaba.com , which offers more than 300 Million active users from more than 200 countries and regions to order items in bulk or one at a time at low wholesale prices. Amitay Dan , an Israeli application security researcher working at Cybermoon.cc, reported the vulnerability to The Hacker News after providing full disclosure of the flaw to the AliExpress team and Israeli media. According to the Proof-of-Concept video and screenshots provided by the security researcher to The Hacker News , AliExpress website allows logged in user to add...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Expert Insights / Articles Videos
Cybersecurity Resources