News

CSO Online18h
‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover
The vulnerability enables attackers to load malicious plugins, hijack sessions, and create administrative accounts on ...
Infosecurity Magazine21h
Over a Third of Grafana Instances Exposed to XSS Flaw
Ox Security warned on Sunday that CVE-2025-4123 impacts 36% of public-facing Grafana instances – or over 46,000 worldwide – ...
Web framework Astro 5.9 arms itself against XSS attacks
Experimental support for CSP is intended to help secure Astro applications against cross-site scripting attacks. There are ...
Dems demand audit of CVE program as Federal funding remains uncertain
It’s a cross-site scripting vulnerability present in open-source webmail platform Roundcube, and abuses a desanitization ...
SecurityWeek6d
Exploited Vulnerability Impacts Over 80,000 Roundcube Servers
Exploitation of a critical-severity RCE vulnerability in Roundcube started only days after a patch was released.
TechBooky14h
Over 46,000 Grafana Instances Vulnerable to Account Takeover
DevOps teams have been advised by security researchers to fix a high-severity vulnerability in Grafana, a widely used tool, ...
Over 46,000 Grafana instances exposed to account takeover bug
More than 46,000 internet-facing Grafana instances remain unpatched and exposed to a client-side open redirect vulnerability ...
The Caledonian-Record1d
Trump believes Israel-Iran may come to deal 'soon' and warns Tehran against retaliating against US
President Donald Trump is issuing a stark warning to Iran against retaliating against U.S. targets in the Middle East while also predicting Israel and Iran would “soon” make a deal ...