Threat Post

WordPress XSS Bug Allows Drive-By Code Execution

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. A just-patched stored cross-site scripting (XSS) vulnerability in WordPress allowed drive-by remote ...
eWeek

Applications Riddled With SQL Injection, XSS, Remote Code Execution Flaws

Dr. Chris Hillman, Global AI Lead at Teradata, joins eSpeaks to explore why open data ecosystems are becoming essential for enterprise AI success. In this episode, he breaks down how openness — in ...
Ars Technica

Spies hack high-value mail servers using an exploit from yesteryear

Threat actors, likely supported by the Russian government, hacked multiple high-value mail servers around the world by exploiting XSS vulnerabilities, a class of bug that was among the most commonly ...
TechNewsWorld

Ridding the Web of the XSS Scourge

Cross-site scripting (XSS)/SQL injection attacks have been blamed for numerous data breaches, perhaps most notably the nightmare of the Heartland Payment Systems data breach. This type of attack has ...
SlashGear

Seeing Weird Code Tweets? TweetDeck Hack Spams Twitter [Updated]

An exploit in popular Twitter client TweetDeck has seen the app taken offline and many users' timelines spammed with automatically retweeting code, though more dangerous exploits are also feared. The ...