WeLiveSecurity

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research has been closely tracking the cyberespionage operations of Winter Vivern for more than a year and, during our routine monitoring, we found that the group began exploiting a zero-day XSS ...
CSOonline

Email attack exploits vulnerability in Yahoo site to hijack accounts

The vulnerability is located in an old WordPress version used on the Yahoo Developer Network Blog site, Bitdefender researchers say Hackers behind a recently detected email attack campaign are ...
Searchenginejournal.com

Vulnerability in WordPress Google Analytics Plugin Hits +3 Million Websites

The National Vulnerability Database announced that a popular Google Analytics WordPress plugin installed in over 3 million was discovered to contain a Stored Cross-Site Scripting (XSS) vulnerability.