CSOonline

What is XSS? Cross-site scripting attacks explained

Cross-site scripting (XSS) is a cyberattack in which a hacker enters malicious code into a web form or web application url. This malicious code, written in a scripting language like JavaScript or PHP, ...
Ars Technica

How a website flaw turned 22,000 visitors into a botnet of DDoS zombies

Researchers have uncovered a recent denial-of-service attack that employed an unusual, if not unprecedented, technique to surreptitiously cause thousands of everyday Internet users to bombard the ...
Searchenginejournal.com

WordPress Stored XSS Vulnerability – Update Now

WordPress announced a security update to fix two vulnerabilities that could provide an attacker with the opportunity to stage a full site takeover. Among the two vulnerabilities, the most serious one ...
ZDNet

PayPal fixes reflected XSS vulnerability in user wallet currency converter

First disclosed on February 19, 2020, by a bug bounty hunter who goes by the name "Cr33pb0y" on HackerOne, the vulnerability is described as a "reflected XSS and CSP bypass" issue. The bug was found ...
ZDNet

Discord desktop app vulnerability chain triggered remote code execution attacks

Discord has patched a critical issue in the desktop version of the messaging app which left users vulnerable to remote code execution (RCE) attacks. Bug bounty hunter Masato Kinugawa developed an ...