Graham Cluley

How to monitor XSS attacks and other security threats on your website, in real-time

Cross-site scripting (XSS) is a form of exploit where an attacker somehow places malicious JavaScript into a webpage. It can potentially allow the attacker to gain access to your account, steal ...
ZDNet

XSS vulnerability found in popular WYSIWYG website editor

Discovered by Bishop Fox security consultant Chris Davis and publicly disclosed on Wednesday, the bug, tracked as CVE-2021-28114, impacts Froala version 3.2.6 and earlier. Froala is a lightweight What ...
Threat Post

TweetDeck Taken Down in Wake of XSS Attacks

TweetDeck said it temporarily has taken down its services after cross-site scripting exploit code circulated today. TweetDeck services have been disabled for the time being as Twitter tries to get a ...
Dark Reading

CISA Urges Software Makers to Eliminate XSS Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are urging organizations to focus on eliminating cross-site scripting vulnerabilities in ...
Forbes

Twitter Experiences XSS Flaw In Tweetdeck

There are a lot of jobs in this world that I would not want to have. One of which would be the catcher on the javelin team and the other would be as a member of the Twitter Incident Response team. At ...
Bleeping Computer

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. The phishing scam was first discovered by security research Daniel ...
Infosecurity-magazine.com

XSS is Most Rewarding Bug Bounty as CSRF is Revived

Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According to HackerOne’s top 10 most impactful security vulnerabilities, ...