[youtube=http://www.youtube.com/watch?v=RbL2ptbjoSA&hl=en&rel=0&color1=0x3a3a3a&color2=0x999999] One of the best tools we saw at LayerOne was the Exploit-Me series ...

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. A security researcher discovered a new ...

A WordPress reservation plugin has a vulnerability that allows unauthenticated hackers to access reservation data stored by site owners. An easy-to-exploit bug impacting the WordPress plugin ReDi ...

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. A just-patched stored cross-site scripting (XSS) vulnerability in WordPress allowed drive-by remote ...

Hackers are now targeting 1.5 million WordPress websites. To do so, they are reportedly focusing on exploiting the cookie consent plugin. Beautiful Cookie Consent Banner was the Target of Hackers Due ...

A hacker is selling a $700 zero-day exploit for Yahoo Mail that lets an attacker use a cross-site scripting (XSS) vulnerability to steal cookies and hijack accounts. The hacker, known as “TheHell”, ...

ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability in the Roundcube Webmail server. The new ...

A cross-site scripting bug in Twitter's TweetDeck tool caused trouble for many users on Wednesday, and potentially opened up many other users to XSS attacks. A researcher tweeted the vulnerability ...

A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for ...

Late last night reports started coming in suggesting that Yahoo Mail users have had their accounts hacked. While “hacked” is a very broad term nowadays, it does appear that Yahoo email accounts are ...