Glassdoor, a website for job hunting and posting anonymous company reviews, has resolved a critical issue that could be exploited to take over accounts. Bug bounty researcher "Tabahi" (ta8ahi) found ...

Researchers from Princeton University today revealed their discovery of four major Websites susceptible to the silent-but-deadly cross-site request forgery (CSRF) attack -- including one on ...

Users of Asus RT-N and RT-AC series routers should install the latest firmware updates released for their models because they address vulnerabilities that could allow attackers to hijack router ...

Cross site request forgery (CSRF) is a powerful attack that can have devastating consequences. It's not a new attack, but new tools are released every year because Web developers don't always write ...

Cross-site request forgery (CSRF) attacks are becoming a more common attack method used by hackers. These attacks take advantage of the trust a website has for a user’s input and browser. The victim ...

The United States Government National Vulnerability Database (NVD) published an advisory about a vulnerability discovered in the WP Statistics WordPress plugin that affects up to 600,000 active ...

French researcher Kafeine has found an exploit kit delivering cross-site request forgery attacks that focus on SOHO routers and changing DNS settings to redirect to malicious sites. Attacks targeting ...

GoDaddy has patched a cross-site request forgery (CSRF) vulnerability that would allow hackers to take over domains registered with the domain registration company. Security researcher Dylan ...

Yesterday, Vicente Aguilera Diaz from Internet Security Auditors released proof of concept of a CSRF (Cross-Site Request Forgery) vulnerability in Google's Gmail, which he originally communicated to ...