PayPal stored XSS vulnerability exposed
Bitdefender researchers have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of …
Open source Sleepy Puppy tool finds XSS bugs in target apps and beyond
Since Monday, security pros can add another XSS-finding tool to their arsenal, as Netflix has open sourced their cross-site scripting payload management framework dubbed …
Persistent cyber spies try to impersonate security researchers
Rocket Kitten, a cyber espionage group that mostly targets individuals in the Middle East, has been spotted attempting to impersonate security researchers.The group’s …
Vulnerable gambling apps put corporate data at risk
Based on an analysis of hundreds of thousands of scans of mobile apps installed in actual corporate environments, Veracode found that the average global enterprise has …
It’s undeniable, IoT will change security forever
Over 20 percent of enterprises will have digital security services devoted to protecting business initiatives using devices and services in the Internet of Things (IoT) by …
Clever Android ransomware infects tens of thousands of devices
“A new, improved variant of the Android Simplocker ransomware is lurking on third-party app stores. “We estimate that tens of thousands of devices have been …
Cyber crooks opt for APT method for delivering malware
“Delivering malware without it being flagged by users and security solutions is one of the biggest challenges malware peddlers face. Luckily for them, if they …
Major browser makers synchronize end of support for RC4
Mozilla, Google and Microsoft have come to an agreement: support for the increasingly vulnerable RC4 cryptographic cypher in the companies’ browsers will end in early …
Popular Android AppLock app full of gaping security holes
AppLock, by DoMobile, is a very popular Android app for limiting access to certain content on the device (text messages, photos, videos, etc.). The user decides what content …
0-days found in widely used Belkin router, fixes still unavailable
CERT/CC has issued a warning about the existence of several serious zero-day vulnerabilities affecting the popular Belkin N600 routers, and has offered advice on how users can …
95% of websites in 10 new TLDs are suspicious
Much has changed since the early days of the Internet when the Web had only six common top level domains (TLDs). Back then, what most consumers and businesses encountered were …
Snoopers’ Charter will cause extreme rise in business costs
The UK Government’s Investigatory Powers Bill, dubbed ‘Snoopers’ Charter’ by critics, has already been met with contention from tech giants, Google, Facebook and Microsoft, …
Featured news
Resources
Don't miss
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security
- Product showcase: Exaforce – The full lifecycle AI SOC platform
- AI made crypto scams far more dangerous