Microsoft

Weaponizing cross site scripting: When one bug isn’t enough

Cross-Site Scripting (XSS) is often underestimated as a minor vulnerability. In reality, XSS can open the door to more severe attacks when combined with other vulnerabilities. This post is the second ...
SiliconANGLE

Anthropic automates software security reviews with Claude Code

Generative artificial intelligence startup Anthropic PBC today introduced the ability for Claude Code to automate software security reviews, identifying and fixing potential vulnerabilities and ...
CSOonline

‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover

A newly discovered cross-site scripting (XSS) vulnerability in Grafana — a widely used open-source analytics and visualization platform for developers — has put thousands of servers at risk of ...
GitHub

What is Cross-Site Scripting (XSS)

What is Cross-site scripting? Cross-site scripting (XSS) is a type of web application security vulnerability. XSS allows attackers to inject malicious scripts, most commonly client-side JavaScript, ...
Dark Reading

MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness

Although a new methodology shook up the rankings of this year's most dangerous software bugs, the classic persistent threats still proved to be the biggest risk to organizations, reinforcing the need ...
CSOonline

What’s old is new again: AI is bringing XSS vulnerabilities back to the spotlight

Cross-site scripting vulnerabilities (XSS) have vexed cybersecurity professionals for 30 years. Following a CISA and FBI alert, experts say unless these flaws are fixed soon, AI models may ingest and ...
Executive Gov

CISA, FBI Issue Alert on Cross-Site Scripting Vulnerabilities

The Cybersecurity and Infrastructure Security Agency and the FBI have released a Secure by Design Alert concerning cross-site scripting vulnerabilities, or XSS. CISA said Tuesday that XSS can be ...