#web-security

[ follow ]
#cors
fromRaymondcamden
1 week ago
Angular

Adding CORS to Your BoxLang APIs

CORS enables secure resource sharing across domains, essential for developing accessible APIs.
fromRaymondcamden
1 week ago
Angular

Adding CORS to Your BoxLang APIs

CORS enables secure resource sharing across domains, essential for developing accessible APIs.
more#cors
#privacy
fromTheregister
3 weeks ago
Privacy technologies

Chrome preps fix for browser history spying

Chrome's forthcoming update aims to disable a 23-year-old privacy vulnerability related to browser history sniffing.
fromZDNET
3 months ago
Miscellaneous

How to easily use Cloudflare's secure DNS on your Mac and why it even matters

Secure DNS encrypts your browsing data, enhancing privacy and security across devices.
fromTheregister
3 weeks ago
Privacy technologies

Chrome preps fix for browser history spying

Chrome's forthcoming update aims to disable a 23-year-old privacy vulnerability related to browser history sniffing.
fromZDNET
3 months ago
Miscellaneous

How to easily use Cloudflare's secure DNS on your Mac and why it even matters

Secure DNS encrypts your browsing data, enhancing privacy and security across devices.
more#privacy
#cybersecurity
Web frameworks
fromTechzine Global
1 month ago

The browser is riddled with bugs, 2025 may squash them

SquareX's initiative emphasizes the urgent need to address browser security vulnerabilities as web browsers are critical yet often overlooked in cybersecurity.
JavaScript
fromTheregister
10 months ago

Remove Polyfill.io code from your website immediately

Polyfill.io domain used for malware infection, prompting urgent removal of JavaScript code for affected websites.
fromThe Hacker News
4 weeks ago
Web development

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Threat actors exploit WordPress mu-plugins directory for hidden malware, enabling persistent remote access and redirecting users to phishing sites.
fromCodeProject
7 months ago
JavaScript

4 Ways to Prevent XSS Attacks: A Comprehensive Guide

XSS is a significant web security vulnerability that leads to data theft and unauthorized user actions.
fromCodeProject
8 months ago
Information security

Understanding CSRF: Methods to Protect Your Applications from Cross-Site Request Forgery

CSRF attacks can compromise user security by executing unwanted actions without their consent.
fromInfoQ
7 months ago
DevOps

Cloudflare Introduces Automatic SSL/TLS to Secure and Simplify Origin Server Connectivity

Cloudflare's new Automatic SSL/TLS settings enhance security and reduce downtime risks for origin server connections.
Web frameworks
fromTechzine Global
1 month ago

The browser is riddled with bugs, 2025 may squash them

SquareX's initiative emphasizes the urgent need to address browser security vulnerabilities as web browsers are critical yet often overlooked in cybersecurity.
JavaScript
fromTheregister
10 months ago

Remove Polyfill.io code from your website immediately

Polyfill.io domain used for malware infection, prompting urgent removal of JavaScript code for affected websites.
fromThe Hacker News
4 weeks ago
Web development

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Threat actors exploit WordPress mu-plugins directory for hidden malware, enabling persistent remote access and redirecting users to phishing sites.
fromCodeProject
7 months ago
JavaScript

4 Ways to Prevent XSS Attacks: A Comprehensive Guide

XSS is a significant web security vulnerability that leads to data theft and unauthorized user actions.
fromCodeProject
8 months ago
Information security

Understanding CSRF: Methods to Protect Your Applications from Cross-Site Request Forgery

CSRF attacks can compromise user security by executing unwanted actions without their consent.
fromInfoQ
7 months ago
DevOps

Cloudflare Introduces Automatic SSL/TLS to Secure and Simplify Origin Server Connectivity

Cloudflare's new Automatic SSL/TLS settings enhance security and reduce downtime risks for origin server connections.
more#cybersecurity
Privacy technologies
fromZDNET
1 month ago

You have 4 days to update Firefox before everything breaks

Firefox users must update to version 128 to avoid major functionality issues due to an expired root certificate.
fromHackernoon
1 month ago
Information security

The Internet Is Full of Duplicate Requests-Here's How Smart Developers Prevent Them | HackerNoon

Request security is critical in web application development to prevent data leaks and financial errors.
Implementing idempotency keys prevents duplicate operations and maintains data integrity.
#user-experience
Privacy technologies
fromZDNET
1 month ago

Google Chrome is killing more extensions than you think - is your old favorite on the list?

Manifest V3 enhances Chrome security but blocks unsupported extensions, increasing user challenges.
fromTechCrunch
3 months ago
JavaScript

Google begins requiring JavaScript for Google Search | TechCrunch

Google requires users to enable JavaScript to enhance security and improve search experiences.
Privacy technologies
fromZDNET
1 month ago

Google Chrome is killing more extensions than you think - is your old favorite on the list?

Manifest V3 enhances Chrome security but blocks unsupported extensions, increasing user challenges.
fromTechCrunch
3 months ago
JavaScript

Google begins requiring JavaScript for Google Search | TechCrunch

Google requires users to enable JavaScript to enhance security and improve search experiences.
more#user-experience
#xss
fromNist
3 months ago
Web design

NVD

Stored XSS vulnerability due to improper input handling found in Responsive jQuery Slider.
Affected versions are from n/a through 1.1.1, necessitating updates.
fromNist
2 months ago
Medicine

NVD

CSRF vulnerability in Rishi On Page SEO affects versions up to 2.0.0 and allows for Stored XSS attacks.
fromNist
3 months ago
Web design

NVD

Stored XSS vulnerability due to improper input handling found in Responsive jQuery Slider.
Affected versions are from n/a through 1.1.1, necessitating updates.
fromNist
2 months ago
Medicine

NVD

CSRF vulnerability in Rishi On Page SEO affects versions up to 2.0.0 and allows for Stored XSS attacks.
more#xss
fromWord to the Wise
2 months ago
Miscellaneous

Don't add your domain to the Public Suffix List

The Public Suffix List helps maintain cookie privacy but can break email functionality if domains are registered.
Registering subdomains in the Public Suffix List can enhance security but poses risks for DMARC alignment.
fromNist
3 months ago
Web design

NVD

The plugin is vulnerable to XSS due to poor input handling.
Attackers can inject scripts if users are tricked into clicking malicious links.
#google
fromTheregister
4 months ago
Tech industry

Cloudflare dishes up the web dirt for 2024

Global internet traffic grew by 17.2% in 2023, with the US responsible for a large share of bot traffic.
fromComputerworld
6 months ago
Miscellaneous

Google, it's time to kill CAPTCHAS

Google should eliminate CAPTCHAs due to AI advancements making them redundant and their potential exploitation for malware distribution.
fromTheregister
4 months ago
Tech industry

Cloudflare dishes up the web dirt for 2024

Global internet traffic grew by 17.2% in 2023, with the US responsible for a large share of bot traffic.
fromComputerworld
6 months ago
Miscellaneous

Google, it's time to kill CAPTCHAS

Google should eliminate CAPTCHAs due to AI advancements making them redundant and their potential exploitation for malware distribution.
more#google
#user-verification
fromBloomberg
4 months ago
JavaScript

Bloomberg

Unusual network activity can trigger security measures that require user verification.
fromBloomberg
5 months ago
JavaScript

Bloomberg

Unusual network activity can trigger automated security protocols requiring user verification.
fromBloomberg
5 months ago
JavaScript

Bloomberg

Unusual network activity can lead to security prompts to verify user authenticity.
fromBloomberg
4 months ago
JavaScript

Bloomberg

Unusual network activity can trigger security measures that require user verification.
fromBloomberg
5 months ago
JavaScript

Bloomberg

Unusual network activity can trigger automated security protocols requiring user verification.
fromBloomberg
5 months ago
JavaScript

Bloomberg

Unusual network activity can lead to security prompts to verify user authenticity.
more#user-verification
fromBloomberg
4 months ago
JavaScript

Bloomberg

Verification processes help protect online environments from potential threats.
User authentication is critical for maintaining web security.
Browser settings can impact access to websites. Better settings can improve user experience.
fromZDNET
7 months ago
Information security

How to use the open-source Proton VPN browser extension

Browser-based VPNs only protect web traffic, not other applications.
Proton VPN is highly recommended for its usability and security features.
You need a paid account for Proton VPN with no free options available.
Privacy professionals
fromTheregister
7 months ago

Google Chrome gets a mind of its own for some security fixes

Chrome's Safety Check now autonomously manages security by revoking permissions and suppressing unsafe notifications, enhancing user protection.
The feature runs in the background and informs users about actions taken to improve their browsing security.
fromBloomberg
9 months ago
JavaScript

Bloomberg

Websites may use security measures like CAPTCHA to prevent automated access. Ensure browser settings allow JavaScript and cookies to access websites smoothly.
fromBloomberg
9 months ago
JavaScript

Bloomberg

Website requesting verification to ensure human user and prevent automated bot activity.
[ Load more ]