CSOonline

Threat Watch: Cross Site Request Forgery (CSRF)

After Cross Site Scripting (XSS), the second most common web application security exploit is probably one you haven’t heard of: Cross Site Request Forgery (or CSRF for short). This little-known but ...
Bleeping Computer

WordPress plugin bug lets hackers create rogue admin accounts

WordPress owners are advised to secure their websites by updating the Real-Time Find and Replace plugin to prevent attackers from injecting malicious code into their sites and creating rogue admin ...