CSO Online

Google warns of two actively exploited Chrome zero days

One allows a remote attacker to execute arbitrary code inside a sandbox, the other could result in loss of sensitive ...
The Hacker News

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Modified AuraInspector scans misconfigured Salesforce Experience Cloud sites, extracting CRM data and enabling targeted ...

Terra Security Finds Widespread Exploitable Flaws in AI-Driven Applications, Copilots, and AI-Generated Code

After months of real-world testing of AI copilots, chat interfaces, and AI-generated apps, Terra Security releases a new module for continuous AI Penetration Testing to match AI development velocity ...
IEEE

Comparison of Machine Learning Algorithms Used for Detecting XSS Attacks

Abstract: Web security has become a critical concern due to the increasing sophistication of cyber threats, with Cross-Site Scripting (XSS) among the most prevalent attacks. Traditional rule-based ...
GitHub

Modular Scanner — Burp Suite Extension

A pluggable scanning framework for Burp Suite Professional/Community built on the Montoya API. Ships with 11 scan modules covering recon, injection testing, and API security — all in a single ...
IEEE

XSS-DS: An Innovative Dataset & Deep Learning Structure for Effective Identification of Cross-Site Scripting Attacks in Online Applications

Abstract: Cross-Site Scripting (XSS) remains a sad security adventure for web applications as it enables attackers to introduce envious $\{\{a j\}\}$ scripts that shall marshal to theft of data, ...