The Hacker News — Most Popular Cyber Security, Hacking News Site: XSS vulnerability

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

April 18, 2018Swati Khandelwal
It's time to update your Drupal websites, once again. For the second time within a month , Drupal has been found vulnerable to anot...
Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

October 10, 2017Swati Khandelwal
As part of its "October Patch Tuesday," Microsoft has today released a large batch of security updates to patch a total of 62 ...
Yahoo Flaw Allowed Hackers to Read Anyone's Emails

Yahoo Flaw Allowed Hackers to Read Anyone's Emails

December 08, 2016Swati Khandelwal
Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user's i...
Hacker reports Vulnerability in Mr. Robot Season 2 Website

Hacker reports Vulnerability in Mr. Robot Season 2 Website

May 11, 2016Swati Khandelwal
Mr. Robot was the biggest 'Hacking Drama' television show of 2015 and its second season will return to American TV screens on Wed...
Simple Yet Effective eBay Bug Allows Hackers to Steal Passwords

Simple Yet Effective eBay Bug Allows Hackers to Steal Passwords

January 11, 2016Swati Khandelwal
A simple, yet effective flaw discovered on eBay's website exposed hundreds of millions of its customers to an advance  Phishing Atta...
200 Million WhatsApp Users Vulnerable to vCard Vulnerability

200 Million WhatsApp Users Vulnerable to vCard Vulnerability

September 08, 2015Swati Khandelwal
WhatsApp recently claimed to have hit 900 Million monthly active users , but a dangerous security flaw in the web version of the popula...
PayPal Vulnerability Allows Hackers to Steal All Your Money

PayPal Vulnerability Allows Hackers to Steal All Your Money

August 27, 2015Swati Khandelwal
A critical security vulnerability has been discovered in the global e-commerce business PayPal that could allow attackers to steal your logi...
WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability

July 23, 2015Swati Khandelwal
WordPress has just released the new version of its content management system (CMS), WordPress version 4.2.3 , to fix a critical security...
WordPress Vulnerability Puts Millions of Websites At Risk

WordPress Vulnerability Puts Millions of Websites At Risk

May 06, 2015Swati Khandelwal
Millions of WordPress websites are at risks of being completely hijacked by the hackers due to a critical cross-site scripting (XSS) vul...
'Google Analytics by Yoast' WordPress Plugin Patches Critical Vulnerability

'Google Analytics by Yoast' WordPress Plugin Patches Critical Vulnerability

March 20, 2015Wang Wei
Another popular WordPress plugin by Yoast has been found to be vulnerable to a critical flaw that could be exploited by hackers to hijack th...
Microsoft Internet Explorer Universal Cross-Site Scripting Flaw

Microsoft Internet Explorer Universal Cross-Site Scripting Flaw

February 04, 2015Swati Khandelwal
A serious vulnerability has been discovered in all the latest versions of Microsoft's Internet Explorer that allows malicious hackers to...
Google Apps Flaw Allowed Hacker to Hijack Account and Disable Two-factor Authentication

Google Apps Flaw Allowed Hacker to Hijack Account and Disable Two-factor Authentication

January 22, 2015Wang Wei
A critical cross-site scripting ( XSS ) vulnerability in the Google Apps administrator console allowed cyber criminals to force a Goog...
Alibaba Marketplace Vulnerability Puts Millions Of Shoppers at Risk

Alibaba Marketplace Vulnerability Puts Millions Of Shoppers at Risk

December 12, 2014Wang Wei
Alibaba Group has patched a major security vulnerability in one of its e-commerce portals that exposed account details of tens of milli...
Firing Range — Open Source Web App Vulnerability Scanning Tool From Google

Firing Range — Open Source Web App Vulnerability Scanning Tool From Google

November 20, 2014Wang Wei
Google on Tuesday launched a Security testing tool "Firing Range" , which aimed at improving the efficiency of automated Web a...
Malicious Kindle Ebook Let Hackers Take Over Your Amazon Account

Malicious Kindle Ebook Let Hackers Take Over Your Amazon Account

September 17, 2014Mohit Kumar
If you came across a Kindle e-book download link from any suspicious sources or somewhere other than Amazon itself, check twice before y...
Flickr Cross-Site Request Forgery Vulnerability Patched

Flickr Cross-Site Request Forgery Vulnerability Patched

August 06, 2014Wang Wei
Yahoo-owned Flickr, one of the biggest online photo management and sharing website in the world was recently impacted by a web application v...
Yahoo Toolbar Vulnerability Triggers Non-Exploitable XSS Payload on All Websites

Yahoo Toolbar Vulnerability Triggers Non-Exploitable XSS Payload on All Websites

June 10, 2014Wang Wei
Yahoo offers a web browser toolbar which includes apps for leading sites like Facebook, Yahoo! Mail, Weather and News. Yahoo Toolbar als...
Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

May 31, 2014Wang Wei
Multiple Serious vulnerabilities have been discovered in the most famous ‘ All In One SEO Pack ’ plugin for WordPress, that put millions...
Worst Day for eBAY, Multiple Flaws leave Millions of Users vulnerable to Hackers

Worst Day for eBAY, Multiple Flaws leave Millions of Users vulnerable to Hackers

May 23, 2014Mohit Kumar
It's not been more than 36 hours since eBay revealed it was hacked and we just come to know about three more critical vulnerabilitie...
Feedly Android App Javascript Injection vulnerability exposes Millions of Users to Hackers

Feedly Android App Javascript Injection vulnerability exposes Millions of Users to Hackers

April 20, 2014Swati Khandelwal
When it comes to Android apps, even the simplest app could greatly compromise your privacy and security. Injecting malicious JavaScript in...