Don't-Miss Web App Stories

code programming software bugs cybersecurity

Drupal fixes critical access bypass vulnerability

The Drupal project has released a patch to fix a critical access bypass vulnerability that could put websites at risk of hacking.

keyboard money euro fraud

Unpatched vulnerability exposes Magento online shops to hacking

An unpatched vulnerability in the Magento e-commerce platform could allow hackers to upload and execute malicious code on web servers that host online shops.

security code big data cyberespionage DDoS

Apache Struts 2 exploit used to install ransomware on servers

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers.

security code big data cyberespionage DDoS

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server

A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.

code programming software bugs cybersecurity

Flaws in Moodle CMS put thousands of e-learning websites at risk

Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.

Adware security

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

code programming software bugs cybersecurity

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

chrome intro

Chrome for MacOS will block rogue ad injections and settings changes

Google has expanded its Safe Browsing service, allowing Google Chrome on macOS to better protect users from programs that locally inject ads into web pages or that change the browser's home page and search settings.

wordpress

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system intentionally delayed announcing that a recent patch fixed a severe vulnerability.

robot hacking security A.I.

Plone dismisses claim that flaw in its CMS was used to hack FBI

The security team behind the Plone content management system has dismissed claims that hackers have access to information about an unpatched critical vulnerability.

robot hacking security A.I.

Critical flaw in PHPMailer library puts millions of websites at risk

A critical remote code execution vulnerability in PHPMailer, one of the most widely used PHP email sending libraries, could put millions of websites at risk of hacking.

mans eye with raised eyebrow dv360013e

14 eyebrow-raising personal details Google knows about you

Some are fascinating, others are frightening, but here's how to find out what Google has on you.

dog listening 100508379 orig

Does Google listen in on your life? Should it?

A widely held myth says Google eavesdrops on your life to improve search results. It doesn't, but should it?

security hacker privacy

Joomla websites attacked en masse using recently patched exploits

Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week.

mozilla firefox logo

Mozilla promises a next-gen Firefox engine that will deliver huge improvements

Mozilla says the new Project Quantum engine at the heart of its Mozilla web browser will be "blazing fast," both for web browsing as well as apps.