Publicly known “magic string” lets any site run malicious code, no questions asked. The Chrome browser extension for Cisco Systems WebEx communications...
User Enumeration is the capacity to automatically figure out if a given account is valid on a system. By enumerating client accounts, you are at...
Recently, we discovered a new Google Android Trojan named “PluginPhantom”, which steals many types of user information including: files, location data, contacts...
Experts from the White Fir Design discovered cybe rcriminals exploited a zero-day flaw in an e-commerce plugin for WordPress to upload a...
Compromised websites remain one of the surefire ways to redirect innocent visitors to exploit kits. During the past few days we’ve started seeing...
Last summer we shared a story about the SweetCaptcha WordPress plugin injecting ads and causing malvertising problems for websites that leveraged the plugin....
After a few critical bugs were recently discovered and patched in the core WordPress engine—a rarity with WordPress-related security issues—order has apparently...
We all know that one of the basic procedures to keep our computer system secure and free from viruses and malware is...
Researchers have identified a relatively “common” cross-site scripting flaw (XSS) in some famous WordPress plugins — A coordinated plugin update has been released to...
Yet another vulnerability has been found in the Yoast WordPress plugin that can be exploited by attackers allowing them to control the...
A number of websites have been put at risk due to a very popular plugin of the WordPress content management platform vulnerability...
WordPress’s MainWP Child Plugin has vulnerability… and it is very much exploitable. Researchers at Sucuri have identified a vulnerability in the MainWP...
A deep dive into Win32/Theola, one of the most malicious components of the notorious bootkit family, Win32/Mebroot.FX. Theola uses malicious Chrome browser...
Analysis of malicious code dubbed Win32/Caphaw (a.k.a. Shylock) attacking major European banks, with ability to automatically steal money when the user is...
Fraudsters continue to innovate their scam propagation methods. Again using Facebook and a pretense of a shocking video, they also utilize browser...