DNS server attacks begin using BIND software flaw
Attackers have started exploiting a flaw in the most widely used software for the DNS (Domain Name System), which translates domain names into IP addresses.
Jeremy Kirk | 03 Aug | Read more
Attackers have started exploiting a flaw in the most widely used software for the DNS (Domain Name System), which translates domain names into IP addresses.
Jeremy Kirk | 03 Aug | Read more
Attackers are using a sneaky method to steal payment card data from websites using Magento, eBay's widely used e-commerce platform.
Jeremy Kirk | 26 Jun | Read more
Website owners are complaining that a free security tool started displaying unwanted advertising pop-ups to their visitors.
Jeremy Kirk | 10 Jun | Read more
A new WordPress version released Thursday fixes two critical cross-site scripting (XSS) vulnerabilities that could allow attackers to compromise websites.
Lucian Constantin | 08 May | Read more
E-commerce platform Magento has stressed its customers need to update to the latest version of its software following reports of new attacks that could expose credit card details.
Those using Magento's e-commerce platform should ensure they're using its latest software, as attackers are increasingly exploiting a flaw patched two months ago, security companies warned.
Jeremy Kirk | 24 Apr | Read more
Ambiguous WordPress documentation led many plug-in and theme developers to make an error that exposed websites to cross-site scripting (XSS) attacks.
Lucian Constantin | 22 Apr | Read more
A vulnerability in the popular WP Super Cache plug-in for WordPress could allow attackers to inject malicious scripts into websites. The scripts, when loaded by administrators, could trigger unauthorized actions.
Lucian Constantin | 09 Apr | Read more
Wordpress is one of the most popular Web publishing platforms. The vast catalog of plugins is part of what makes Wordpress so powerful, but it can also be the Achilles heel. According to security researchers at Sucuri there are a million-plus Wordpress sites exposed to serious risk, thanks to a flaw in the WP-Slimstat plugin.
Tony Bradley | 27 Feb | Read more
WordPress site owners using the WP-Slimstat plug-in installed should upgrade it to the latest version immediately in order to fix a critical vulnerability, security researchers warn.
Lucian Constantin | 26 Feb | Read more
WordPress sites with the plug-in Fancybox-for-WordPress should apply a critical security update released Thursday that fixes a vulnerability already exploited by attackers.
Lucian Constantin | 06 Feb | Read more
A critical vulnerability in glibc, a core Linux library, can be exploited remotely through WordPress and likely other PHP applications to compromise Web servers.
Lucian Constantin | 31 Jan | Read more
Google has stopped a widespread malicious advertising attack that bounced Web surfers to dodgy sites hawking weight loss and skin care products.
Jeremy Kirk | 15 Jan | Read more
New security updates released for the WordPress content management system and one of its popular plug-ins fix cross-site scripting (XSS) vulnerabilities that could allow attackers to take control of websites.
Lucian Constantin | 22 Nov | Read more
Users of Drupal, one of the most popular content management systems, should consider their sites compromised if they didn't immediately apply a security patch released on Oct. 15.
Lucian Constantin | 31 Oct | Read more