Glassdoor, a website for job hunting and posting anonymous company reviews, has resolved a critical issue that could be exploited to take over accounts. Bug bounty researcher "Tabahi" (ta8ahi) found ...

The United States Government National Vulnerability Database (NVD) published an advisory about a vulnerability discovered in the WP Statistics WordPress plugin that affects up to 600,000 active ...

Redux, a popular WordPress plugin with more than 1 million active installations recently patched a vulnerability. The vulnerability allowed an attacker to bypass security measures in a Cross-Site ...

Facebook has fixed Instagram to remedy a cross-site request forgery (CSRF) vulnerability that could’ve put some photos users thought were private, out in the open. Until last week, some parts of the ...

PayPal recently fixed a vulnerability on its PayPal.me site that could’ve let an attacker change a user’s profile without their permission. PayPal recently fixed a vulnerability on its PayPal.me site ...

A deadly attack typically associated with Websites can also be used on LAN/WAN devices, such as DSL routers, according to a researcher who this week demonstrated cross-site request forgery (CSRF) ...

Yesterday, Vicente Aguilera Diaz from Internet Security Auditors released proof of concept of a CSRF (Cross-Site Request Forgery) vulnerability in Google's Gmail, which he originally communicated to ...

The WordPress team fixed a software flaw introduced in the 5.1 release that could allow potential attackers to perform stored cross-site scripting (XSS) attacks with the help of maliciously crafted ...

Security researcher Petko Petkov has revealed a cross-site request forgery vulnerability in Gmail that makes it possible for a malicious web site to surreptitiously add a filter to a user's Gmail ...