eWeek

Script Injection Makes Phishing Harder to Catch

eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More Cross-site scripting (XSS) attacks have become one of the ...
Bleeping Computer

Hacked WordPress sites use visitors' browsers to hack other sites

Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors' browsers to bruteforce passwords for other sites. The campaign was first spotted by website ...
Searchenginejournal.com

Google Tag Manager Contains Hidden Data Leaks & Vulnerabilities

Researchers uncover data leaks in Google Tag Manager (GTM) as well as security vulnerabilities, arbitrary script injections and instances of consent for data collection enabled by default. A legal ...

Bonk.fun users at risk after hackers hijack domain to deploy wallet drainer

Users of the Solana-based memecoin launchpad Bonk.fun were urged to avoid the platform’s website after attackers compromised ...
Searchenginejournal.com

XSS Vulnerability Affects Beaver Builder WordPress Page Builder

Beaver Builder is a popular plugin that allows anyone to create a professional looking website using an easy to use drag and drop interface. Users can start with a predesigned template or create a ...
WeLiveSecurity

Cryptocurrency web mining: In union there is profit

In the last months, we stumbled upon some JavaScript files apparently used to mine cryptocurrencies directly within the browser. For a long time now, cybercriminals have taken advantage of ...