The Hacker News

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

Experts exploited an XSS flaw in StealC’s admin panel, exposing operator sessions, system details & stolen cookies without ...

StealC Operators Exposed After Control Panel Hack

In an unusual twist, security researchers managed to turn the tables on cybercriminals behind StealC, a widely used ...

StealC hackers hacked as researchers hijack malware control panels

A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware ...
Bleeping Computer

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. The phishing scam was first discovered by security research Daniel ...
Dark Reading

CISA Urges Software Makers to Eliminate XSS Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are urging organizations to focus on eliminating cross-site scripting vulnerabilities in ...
Infosecurity-magazine.com

CISA Issues Advice to Help Eliminate XSS Bugs

A leading US security agency has released some timely advice designed to raise awareness about coding best practice to eliminate one of the most common classes of software vulnerability. Teaming up ...
ZDNet

Google to remove Chrome's built-in XSS protection (XSS Auditor)

Google engineers plan to remove a Chrome security feature that has not been living up to par with the protections with was supposed to provide for years. Named XSS Auditor, the feature was added to ...