Computerworld

How to defeat the new No. 1 security threat: cross-site scripting

Cross-site scripting, often abbreviated XSS, is a class of Web security issues. A recent research report stated that XSS is now the top security risk. In a typical XSS scenario, a Web page might use ...
Searchenginejournal.com

WordPress Google Fonts Plugin Vulnerability Affects Up To +300,000 Sites

A vulnerability rated as High was recently patched in a Google Fonts optimization plugin for WordPress, allowing attackers to delete entire directories and upload malicious scripts. The vulnerability ...
Bleeping Computer

CISA: Roundcube email server bug now exploited in attacks

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent ...
Bleeping Computer

Latest Cross-Site Scripting news

Starting in mid-to-late October 2026, Microsoft will enhance the security of the Entra ID authentication system against external script injection attacks. A declassified report from Romania's ...
ExtremeTech

Steam patches flaw that exposed user profiles to drive-by attacks

Yesterday, news broke that Steam was affected by a cross-site scripting vulnerability that could compromise Steam account safety or be used to steal user data. The problem has since been corrected, ...