#web-security
#web-security

Why can't I get the content using `fetch`

CORS issues occur when a web application attempts to access resources from a different origin without permission.

fromRaymondcamden

1 week ago

Angular

Adding CORS to Your BoxLang APIs

CORS enables secure resource sharing across domains, essential for developing accessible APIs.

The browser is riddled with bugs, 2025 may squash them

SquareX's initiative emphasizes the urgent need to address browser security vulnerabilities as web browsers are critical yet often overlooked in cybersecurity.

JavaScript

10 months ago

Remove Polyfill.io code from your website immediately

Polyfill.io domain used for malware infection, prompting urgent removal of JavaScript code for affected websites.

fromThe Hacker News

Web development

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Threat actors exploit WordPress mu-plugins directory for hidden malware, enabling persistent remote access and redirecting users to phishing sites.

JavaScript

Bloomberg

The article discusses a common web security measure that confirms user identity to prevent fraud.

Web frameworks

fromTechzine Global

The browser is riddled with bugs, 2025 may squash them

SquareX's initiative emphasizes the urgent need to address browser security vulnerabilities as web browsers are critical yet often overlooked in cybersecurity.

JavaScript

10 months ago

Remove Polyfill.io code from your website immediately

Polyfill.io domain used for malware infection, prompting urgent removal of JavaScript code for affected websites.

fromThe Hacker News

Web development

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Threat actors exploit WordPress mu-plugins directory for hidden malware, enabling persistent remote access and redirecting users to phishing sites.

JavaScript

Bloomberg

The article discusses a common web security measure that confirms user identity to prevent fraud.

You have 4 days to update Firefox before everything breaks

Firefox users must update to version 128 to avoid major functionality issues due to an expired root certificate.

Privacy technologies

fromZDNET

Google Chrome is killing more extensions than you think - is your old favorite on the list?

Manifest V3 enhances Chrome security but blocks unsupported extensions, increasing user challenges.

fromWord to the Wise

2 months ago

Miscellaneous

Don't add your domain to the Public Suffix List

The Public Suffix List helps maintain cookie privacy but can break email functionality if domains are registered.

Registering subdomains in the Public Suffix List can enhance security but poses risks for DMARC alignment.

fromNist

3 months ago

Web design

NVD

The plugin is vulnerable to XSS due to poor input handling.

Attackers can inject scripts if users are tricked into clicking malicious links.

fromZDNET

Miscellaneous

How to easily use Cloudflare's secure DNS on your Mac and why it even matters

Secure DNS encrypts your browsing data, enhancing privacy and security across devices.

#google

Tech industry

Cloudflare dishes up the web dirt for 2024

Global internet traffic grew by 17.2% in 2023, with the US responsible for a large share of bot traffic.

fromComputerworld

Miscellaneous

Google, it's time to kill CAPTCHAS

Google should eliminate CAPTCHAs due to AI advancements making them redundant and their potential exploitation for malware distribution.

Tech industry

Cloudflare dishes up the web dirt for 2024

Global internet traffic grew by 17.2% in 2023, with the US responsible for a large share of bot traffic.

fromComputerworld

Miscellaneous

Google, it's time to kill CAPTCHAS

Google should eliminate CAPTCHAs due to AI advancements making them redundant and their potential exploitation for malware distribution.

JavaScript

Bloomberg

Unusual network activity can trigger security measures that require user verification.

JavaScript

Bloomberg

Unusual network activity can trigger automated security protocols requiring user verification.

JavaScript

Bloomberg

Unusual network activity can lead to security prompts to verify user authenticity.

JavaScript

Bloomberg

Unusual network activity can trigger security measures that require user verification.

JavaScript

Bloomberg

Unusual network activity can trigger automated security protocols requiring user verification.

JavaScript

Bloomberg

Unusual network activity can lead to security prompts to verify user authenticity.

more#user-verification

JavaScript

Bloomberg

Verification processes help protect online environments from potential threats.

User authentication is critical for maintaining web security.

Browser settings can impact access to websites. Better settings can improve user experience.

fromZDNET

Information security

How to use the open-source Proton VPN browser extension

Browser-based VPNs only protect web traffic, not other applications.

Proton VPN is highly recommended for its usability and security features.

You need a paid account for Proton VPN with no free options available.

Privacy professionals

Google Chrome gets a mind of its own for some security fixes

Chrome's Safety Check now autonomously manages security by revoking permissions and suppressing unsafe notifications, enhancing user protection.

The feature runs in the background and informs users about actions taken to improve their browsing security.

9 months ago

JavaScript

Bloomberg

Websites may use security measures like CAPTCHA to prevent automated access. Ensure browser settings allow JavaScript and cookies to access websites smoothly.