web application security
Rails security scanner Brakeman 3.0.0 released
Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at …
Four cyber security risks not to be taken for granted
It’s pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information …
Info of millions of AliExpress customers could have been harvested due to site flaw
A programming flaw in the code of popular online marketplace AliExpress, which connects small Chinese businesses with international buyers and has over 7.7 million registered …
Google open sources Firing Range, a test tool for web app security scanners
Google has open sourced another security tool: it’s called Firing Range, and it’s an effective testing ground for a variety of automated web application security …
Assume your Drupal 7 site has been compromised
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …
Easily exploitable Drupal bug can lead to total site compromise
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform – version 7.32 – because it fixes a critical SQL injection …
Personal info of 850k Oregon jobseekers potentially compromised
851,322 individuals who used Oregon Employment Department’s WorkSource Oregon Management Information System (WOMIS) will soon be receiving notices that their information …
Joomla update fixes high risk bug that could lead to site compromise
The developer team behind the popular open-source content management system Joomla is urging users to update the software to the latest version – v3.3.6 (or v3.2.7 for …
XSS bug allows Amazon account hijacking
A recurring XSS bug in Amazon’s Kindle Library, i.e. the “Manage your Kindle” web application, can be exploited by attackers looking to hijack users’ …
Coursera privacy issues exposed
When well-known lawyer and Stanford law lecturer Jonathan Mayer was invited to teach a course on government surveillance on Coursera, the popular online website offering free …
How important is website security?
In this interview, Nicholas Sciberras, Product Manager at Acunetix, illustrates why website security should be a priority in any organization. He talks about the challenges …
Disqus WordPress plugin vulnerabilities
During a penetration test for a client, Australian-based independent security consultant Nik Cubrilovic discovered a couple of security issues within the very popular …