In cyber security, attention is concentrated on the new -- zero-day exploits, for example, are big news and big business. But old threats can still cause big problems for organizations, even when the ...

Wix websites are vulnerable to reflective DOM cross-site scripting attack that could give attackers control of user’s websites. Update Cloud-based web host Wix.com is vulnerable to a DOM-based ...

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities. Certain types of online ads that expand, contract and pop-open aren’t just ...

Cross-site scripting flaws are the most prevalent vulnerabilities found in Web applications, posing a risk to data and intellectual property, according to a study of thousands of applications by ...

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...

Even the most trustworthy-looking website could trick you into giving up personal details through cross-site scripting. Here’s what you need to know about XSS attacks. It’s easy to become convinced of ...

A major airline suffered a data breach involving a cross-site scripting attack. Learn how it happened and how you can protect your organization. Researchers from RiskIQ have published details on the ...

In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook's controversial Instant Personalization feature. The exploit ran on Yelp, one of ...