Web Security

Okta Browser Plugin is available on multiple browsers like Edge, Chrome, Safari, and Firefox. Combining all these browsers, the plugin has over 5 million users. However, this plugin was discovered to have a Cross-site Scripting...

Since the Swap file stores data that the system's RAM cannot hold, these contents often contain critical data like passwords, encryption keys, and session data, due to which hackers often target Swap files. So, hackers...

Researchers identified a new variant of credit card skimming attack, the Caesar Cipher Skimmer, targeting multiple content management systems (CMS), including WordPress, Magento, and OpenCart.  The skimmer specifically targets the checkout process, injecting malicious code...

MSP leaders are advised to save the date for June 27. In a special session, called “3 Security Trends to Maximize MSP Growth” and hosted by Cynet, deeply experienced security experts will unpack insights...

Hackers use JavaScript frameworks since they offer a wide range of functionalities and tools that could be used to bypass detection, hide code, and carry out harmful acts. In addition, they take advantage of the...

A new vulnerability has been discovered in Telegram, allowing a threat actor to hijack a Telegram user session via XSS (Cross-Site Scripting). This vulnerability exists in Telegram WebK versions below 2.0.0. A CVE for this vulnerability...

A significant vulnerability was detected in IBM QRadar Suite Software and Cloud Pak for Security, allowing attackers to execute arbitrary JavaScript code. An attacker can insert harmful executable scripts into the code of a reliable...

Multiple vulnerabilities have been identified in PHP that are associated with Command Injection, Cookie Bypass, Account takeover, and Denial of Service. The CVEs for these vulnerabilities have been given as CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, and CVE-2024-2757....

A Secure Web Gateway (SWG) is essential to any modern network infrastructure to protect users from online threats and enforce network-wide security regulations. By filtering and monitoring online traffic, it is possible to restrict access...

ZAP is a free and open-source web application security scanner. It is designed to be utilized by expert penetration testers as well as individuals who are new to application security.  It has received Flagship status...