ImmuniWeb Security Blog

New WordPress bug, enterprise data exposure via misconfigured Box Enterprise accounts, massive mobile adware and data stealing campaigns aimed at Android users, and more.

0Days in Adobe ColdFusion and Google Chrome, privacy risks of Android VPN apps, an official approval for the WebAuthn Web standard, and more.

Nation-state cyber-attacks are no longer rarities. Partly it is 'weapons-testing' and partly it is economic espionage.

Dangerous flaws in the SHAREit Android app, recent attacks exploiting the latest Drupal bug, malicious docs distribution on hacked Bangladeshi embassy website, and more.

Bug bounties are a form of results-based outsourced code checking. It is a cost-efficient and effective method of crowdsourcing a company’s code analysis, while paying only for ...

User accountability, improved security & forensics, adhering to compliance and easy troubleshooting are just a few of the benefits of keeping an activity log on your WordPress site.

A massive malvertising campaign targeting US users, Aadhaar data exposure of Indian LPG gas company clients, critical flaw in WordPress, and more.

OkCupid account hijackings, availability of 617 million stolen accounts on the dark web, vulnerabilities in WordPress plugins, and more.

A vulnerability in e-ticketing systems used by major airlines, malvertising campaign targeting premium publishers, abuse of a long-standing feature in Google Gmail, and more.

Review of security vulnerabilities and incidents involving WordPress, Joomla, Drupal and others popular CMS in 2018.

Eavesdropping bug in Apple’s FaceTime, a zero-day vulnerability in abandoned WordPress plugin, Manic Menagerie attack on Australian web hosting, and more.

Here are 10 of the most popular WordPress plugins which are still more vulnerable than you might think.