Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup April 2024
Cookie hijacking involves unauthorized access to cookies, which are small pieces of data stored on your browser by websites you visit. Cookies often contain sensitive information, including session tokens that authenticate users to a web application. By hijacking these cookies, Continue reading What is Cookie Hijacking
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup March 2024
In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was initially disclosed back in November, 2023 by Marc Montpas. In the past three weeks, we’ve Continue reading New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading Vulnerability & Patch Roundup January 2024
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3. A couple of days later, on December 13th, the Balada Injector Continue reading Thousands of Sites with Popup Builder Compromised by Balada Injector
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup December 2023
It’s always a good idea to be aware of the security issues that might affect your site. For example, cross-site scripting (XSS) attacks consist of injecting malicious client-side scripts into a website and using the site as a propagation method Continue reading What is a Content Security Policy (CSP)
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup November 2023
Consumers spent a whopping $35.3 billion during last year’s cyber week shopping season. With Cyber Monday accounting for $11.3 billion in revenue alone, this period remains one of the biggest online shopping events of the year. Unfortunately, hackers are making Continue reading Black Friday & Cyber Monday Ecommerce Security Threats
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup October 2023
In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin for the popular tagDiv premium themes Newspaper and Newsmag). Shortly after that, we started noticing Continue reading Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup September 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup August 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup July 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup June 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup May 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup April 2023
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners on emerging threats to their environments, we’ve Continue reading WordPress Vulnerability & Patch Roundup March 2023
When it comes to protecting your website from bad actors, there’s one threat you should be aware of: injection attacks. These attacks target weaknesses in your website’s security and are unfortunately quite common. In fact, the well-known organization OWASP ranks Continue reading The Top 10 Most Dangerous Types of Injection Attacks