PC World

Latest firmware updates for Asus routers fix CSRF security flaws

Users of Asus RT-N and RT-AC series routers should install the latest firmware updates released for their models because they address vulnerabilities that could allow attackers to hijack router ...
Bleeping Computer

Critical Cisco bug exposes Expressway gateways to CSRF attacks

Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request forgery ...
Dark Reading

IBM Adds CSRF Scanning to Watchfire Tool

IBM today will release a new version of the Watchfire AppScan vulnerability scanning tool that can test for the pervasive cross-site request forgery (CSRF) vulnerability found in many Web applications ...
Infosecurity-magazine.com

GoDaddy CSRF Flaw Allows Total Domain Hijacking

GoDaddy has patched a cross-site request forgery (CSRF) vulnerability that would allow hackers to take over domains registered with the domain registration company. Security researcher Dylan ...
Bleeping Computer

Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens

Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. KerioControl is a ...
Infosecurity-magazine.com

XSS is Most Rewarding Bug Bounty as CSRF is Revived

Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According to HackerOne’s top 10 most impactful security vulnerabilities, ...
CSOonline

Threat Watch: Cross Site Request Forgery (CSRF)

After Cross Site Scripting (XSS), the second most common web application security exploit is probably one you haven’t heard of: Cross Site Request Forgery (or CSRF for short). This little-known but ...