In cyber security, attention is concentrated on the new -- zero-day exploits, for example, are big news and big business. But old threats can still cause big problems for organizations, even when the ...

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies. The Department of Homeland Security has warned federal agencies ...

Illustration by Mark Todd In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook’s controversial Instant Personalization feature. The ...

The cross-site scripting flaw could enable arbitrary code execution, information disclosure – and even account takeover. A high-severity flaw has been disclosed in TinyMCE, an open-source text editor ...

Cross-site scripting (XSS) is the most commonly exploited vulnerability, according to HackerOne, currently the largest platform aimed at connecting organisations with a community of white hat hackers ...

GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. The security flaw (tracked as CVE-2024-4835) ...

British Airways data theft demonstrates need for cross-site scripting restrictions Your email has been sent A major airline suffered a data breach involving a cross ...

Editor’s Note: This story is excerpted from Computerworld. For more Mac coverage, visit Computerworld’s Macintosh Knowledge Center. Online payment provider PayPal has patched a critical cross-site ...

Auction site eBay has come in for criticism after appearing to drag its heels over fixing a cross-site scripting (XSS) vulnerability which allowed attackers to booby trap links redirecting users to a ...