Don't-Miss Web App Stories

goodbudget personal finance primary

Goodbudget review: A better budget tracker

Goodbudget provides a simple method for managing household expenses and savings, but it would be more foolproof if it could sync with your accounts.

trim budgeting app lifestyle phone2

Trim review: This AI assistant finds ways to save you money

Trim is an AI-driven financial assistant that analyzes your bank accounts for expenses to cut, then cancels or negotiates bills on your behalf. The savings could be worth the small commission it charges.

internet .com url

How to register your own domain name

Reserve a website name before someone else beats you to it. Here's how to do that using a domain name registrar service.

mozilla firefox quantum home

Mozilla's Firefox Quantum next-generation browser is ready for you to try out

Mozilla has made its Firefox Quantum browser available to download, promising twice the performance of Mozilla Firefox with the same stingy memory usage.

patch

How to secure your CMS without patching

In as little as four hours, the bad guys can reverse engineer a software patch for an open-source content management system (CMS) and build an exploit capable of turning millions of websites into spammers, malware hosts or DDoS attackers. A German project aims to beat the bad guys to it, without a patch.

img 20170425 105827 01

Google will review web apps that want access to its users' data

In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.

code programming software bugs cybersecurity

Drupal fixes critical access bypass vulnerability

The Drupal project has released a patch to fix a critical access bypass vulnerability that could put websites at risk of hacking.

money, euro

Unpatched vulnerability exposes Magento online shops to hacking

An unpatched vulnerability in the Magento e-commerce platform could allow hackers to upload and execute malicious code on web servers that host online shops.

security code big data cyberespionage DDoS

Apache Struts 2 exploit used to install ransomware on servers

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers.

security code big data cyberespionage DDoS

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server

A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.

code programming software bugs cybersecurity

Flaws in Moodle CMS put thousands of e-learning websites at risk

Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.

Adware security

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

code programming software bugs cybersecurity

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

chrome intro

Chrome for MacOS will block rogue ad injections and settings changes

Google has expanded its Safe Browsing service, allowing Google Chrome on macOS to better protect users from programs that locally inject ads into web pages or that change the browser's home page and search settings.

wordpress

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system intentionally delayed announcing that a recent patch fixed a severe vulnerability.