eWeek

Facebook Bully Video Actually an XSS Exploit

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. A security researcher discovered a new ...
Threat Post

TweetDeck Taken Down in Wake of XSS Attacks

TweetDeck said it temporarily has taken down its services after cross-site scripting exploit code circulated today. TweetDeck services have been disabled for the time being as Twitter tries to get a ...
Infosecurity-magazine.com

Yahoo! mail exploit on sale for $700

The exploit allows purveyors to hijack Yahoo! email accounts, redirecting legitimate users to malicious websites when they try to log on. The vulnerability and related entrepreneurial enterprise was ...
Computer Weekly

Zero-day exploit for Yahoo Mail goes on sale

A hacker is selling a $700 zero-day exploit for Yahoo Mail that lets an attacker use a cross-site scripting (XSS) vulnerability to steal cookies and hijack accounts. The hacker, known as “TheHell”, ...
Hackaday

Exploit-Me Firefox XSS And SQL Scanning Addon

[youtube=http://www.youtube.com/watch?v=RbL2ptbjoSA&hl=en&rel=0&color1=0x3a3a3a&color2=0x999999] One of the best tools we saw at LayerOne was the Exploit-Me series ...
Threat Post

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

A WordPress reservation plugin has a vulnerability that allows unauthenticated hackers to access reservation data stored by site owners. An easy-to-exploit bug impacting the WordPress plugin ReDi ...
TechNewsWorld

Ridding the Web of the XSS Scourge

Cross-site scripting (XSS)/SQL injection attacks have been blamed for numerous data breaches, perhaps most notably the nightmare of the Heartland Payment Systems data breach. This type of attack has ...