Security consultant says two-thirds of sites are vulnerable to cross-site script attacks, and about half are never fixed A majority of Web sites have at least one major security issue that could be ...

A critical vulnerability was discovered in a popular WordPress security plugin with over 4 million installations. The flaw allows attackers to log in as any user, including administrators, and gain ...

A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a "critical patch" that adds a Wordpress backdoor to the site. Recipients that take the ...

Web sites rigged with malicious code are becoming more numerous by the day, but the time those sites are online is declining, according to new research from security vendor AVG Technologies. AVG is ...

The SANS Institute at sans.org is an excellent starting point for all sorts of information about security. In particular, SANS has two mailing lists that are essential to any system administrator’s ...