According to a German researcher, a XSS bug in the latest (184.108.40.206) Skype version for Windows could allow attackers to inject malicious code into users' phone sessions and in the end even hijack their computers.
Faced with the reality that exploiting a single SQL Injection vulnerability or cross-site scripting (XSS) error in any web application could take down an organizationís entire software infrastructure, there is tremendous pressure to adopt quicker, more scalable approaches to application security.
A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to conduct cross-site scripting attacks, according to Secunia.
With the trend of targeted cyber attacks along with the exploitation of common vulnerabilities such as SQL injection, it is clear that the core software infrastructure of several critical industries remains extremely vulnerable.
A new Cenzic report reveals widespread Web application vulnerabilities, with 2,155 discovered - a third of which have both no known solution and an exploit code publicly available.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.