CSOonline

Web app, API attacks surge as cybercriminals target financial services

Web application and application programming interface (API) attacks against the global financial services industry grew by 65% in Q2 2023 compared to Q2 2022, accounting for nine billion attacks in 18 ...
Bleeping Computer

CISA: Roundcube email server bug now exploited in attacks

CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is a persistent ...
CSOonline

‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover

A newly discovered cross-site scripting (XSS) vulnerability in Grafana — a widely used open-source analytics and visualization platform for developers — has put thousands of servers at risk of ...