Contrast Security published an analysis of real-world application attack and vulnerability data from September 2019, finding that in the .NET world, the top three vulnerabilities were SQL Injection, ...

Many web-facing enterprise applications have databases sitting behind them. For many of those, the application itself is little more than a snazzy user interface sitting on top of a database. And in ...

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...

The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. The set includes an SQL ...

A US-based security expert is to release details of a tool that can use cross-site scripting (XSS) flaws and JavaScript to create a distributed botnet without any kind of user interaction at all. XSS ...