One bug accidentally allowed Google to index user passwords.
Bug opened door for malicious link attack, giving hacker access to stored DJI drone data of commercial and consumer customers.
D-Link has released the beta version of the controller which addresses the reported vulnerabilities.
Old instances of the popular WordPress Duplicator Plugin are leaving sites open to remote code execution attacks.
The attack stems from a glitch in WebKit, an HTML layout browser engine in Apple’s Safari browser.
With the malicious code embedded into websites, the attacker can then piggyback on the trust level of the website and launch a variety of attacks.
The bugs include a reflected cross-site scripting glitch and a cross-site request forgery vulnerability.
IOActive analyzed 21 mobile stock trading platforms and found vulnerabilities that put transactions and personal information at risk. Of the 13 firms notified, only two acknowledged the disclosure.
Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin.