Here's some good news for Google App Engine developers: Google has released a new application security scanner that's especially fitting to test new app builds for cross-site scripting (XSS) and mixed content vulnerabilities.
It's pretty difficult to make information security predictions, and even more difficult to verify them afterwards: we can only judge the effectiveness of information security by the number of public security incidents that were uncovered, while the majority of data breaches remain undetected.
A new WordPress version has been released, and you better update to it, as it patches a critical cross-site scripting flaw that can be exploited by attackers to compromise your site.
Imperva released the results of its Web Application Attack Report (WAAR), the result of analysis of a subset of 99 applications protected by Imperva’s WAF over a period of nine months, from August 1, 2013 to April 30, 2014.
Pressure is mounting against eBay to quickly detect and remove bogus listings triggering cross-site scripting flaws to redirect users to phishing and other malicious pages.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.