Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...
Dark Reading

Every Old Vulnerability Is Now an AI Vulnerability

AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones. On March 10, 2026, Microsoft patched ...
Bleeping Computer

StealC hackers hacked as researchers hijack malware control panels

A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware allowed researchers to observe active sessions and gather intelligence on the ...
Visual Studio Magazine

BFF and SPAs: Best Friends Forever

Christian Wenz explains why the Backends for Frontends (BFF) pattern is emerging as a more secure authentication model for single-page applications.