Computerworld

New cross-site scripting attack targets VoIP

Security researchers have found a way to execute cross-site scripting attacks through VoIP clients, introducing a dangerous new threat almost no one is guarding against, according to vendor Secure ...

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary ...
9to5Mac

Weird Apple Podcasts behavior could enable cross-site hacking attempts

If you’ve had Apple Podcasts open randomly to a show you don’t subscribe to, you’re not alone. Here’s what’s going on. A new report from 404 Media describes an odd situation in which the Apple ...
ExtremeTech

Steam patches flaw that exposed user profiles to drive-by attacks

Yesterday, news broke that Steam was affected by a cross-site scripting vulnerability that could compromise Steam account safety or be used to steal user data. The problem has since been corrected, ...