The Hacker News

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Experts exploited an XSS flaw in StealC’s admin panel, exposing operator sessions, system details & stolen cookies without ...

StealC hackers hacked as researchers hijack malware control panels

A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware ...

StealC Operators Exposed After Control Panel Hack

In an unusual twist, security researchers managed to turn the tables on cybercriminals behind StealC, a widely used ...
Bleeping Computer

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. The phishing scam was first discovered by security research Daniel ...
eWeek

HackerOne Reports Bug Bounties Rise as XSS Remains the Top Flaw

Dr. Chris Hillman, Global AI Lead at Teradata, joins eSpeaks to explore why open data ecosystems are becoming essential for enterprise AI success. In this episode, he breaks down how openness — in ...
ZDNet

Google tackles XSS scripting flaws with new developer tools

Google has released two new tools for developers looking to protect web domains against XSS scripting security flaws. Cross-site scripting (XSS) is a common security issue web developers face today.
Dark Reading

CISA Urges Software Makers to Eliminate XSS Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are urging organizations to focus on eliminating cross-site scripting vulnerabilities in ...
Infosecurity-magazine.com

XSS is Most Rewarding Bug Bounty as CSRF is Revived

Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According to HackerOne’s top 10 most impactful security vulnerabilities, ...