Don't-Miss Web App Stories

mozilla firefox quantum home

Mozilla's Firefox Quantum next-generation browser is ready for you to try out

Mozilla has made its Firefox Quantum browser available to download, promising twice the performance of Mozilla Firefox with the same stingy memory usage.

pcw office alt primary

The best free Microsoft Office alternatives

Microsoft Office isn't the only game in town—many online office suites offer comparable document, spreadsheet, and presentation programs that are not only compatible with Microsoft Office files, but also free.

patch

How to secure your CMS without patching

In as little as four hours, the bad guys can reverse engineer a software patch for an open-source content management system (CMS) and build an exploit capable of turning millions of websites into spammers, malware hosts or DDoS attackers. A German project aims to beat the bad guys to it, without a patch.

img 20170425 105827 01

Google will review web apps that want access to its users' data

In response to recent attacks where hackers abused Google's OAuth services to gain access to Gmail accounts, the company will review new web applications that request Google users' data.

code programming software bugs cybersecurity

Drupal fixes critical access bypass vulnerability

The Drupal project has released a patch to fix a critical access bypass vulnerability that could put websites at risk of hacking.

keyboard money euro fraud

Unpatched vulnerability exposes Magento online shops to hacking

An unpatched vulnerability in the Magento e-commerce platform could allow hackers to upload and execute malicious code on web servers that host online shops.

security code big data cyberespionage DDoS

Apache Struts 2 exploit used to install ransomware on servers

Attackers are exploiting a vulnerability patched last month in the Apache Struts web development framework to install ransomware on servers.

security code big data cyberespionage DDoS

Millions of websites affected by unpatched flaw in Microsoft IIS 6 web server

A proof-of-concept exploit has been published for a zero-day vulnerability in Microsoft Internet Information Services 6.0, a version of the web server that's no longer supported.

code programming software bugs cybersecurity

Flaws in Moodle CMS put thousands of e-learning websites at risk

Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.

Adware security

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

code programming software bugs cybersecurity

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

chrome intro

Chrome for MacOS will block rogue ad injections and settings changes

Google has expanded its Safe Browsing service, allowing Google Chrome on macOS to better protect users from programs that locally inject ads into web pages or that change the browser's home page and search settings.

wordpress

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system intentionally delayed announcing that a recent patch fixed a severe vulnerability.

robot hacking security AI

Plone dismisses claim that flaw in its CMS was used to hack FBI

The security team behind the Plone content management system has dismissed claims that hackers have access to information about an unpatched critical vulnerability.

robot hacking security AI

Critical flaw in PHPMailer library puts millions of websites at risk

A critical remote code execution vulnerability in PHPMailer, one of the most widely used PHP email sending libraries, could put millions of websites at risk of hacking.