Posts By Aakanchha Keshri

Critical XSS Vulnerability in FB messenger live chat

Owing to the widespread presence of WordPress, hackers try incessantly to get past every popular WordPress plugin. As a result, vulnerability disclosures in WordPress plugins seem like a never-ending process. This time it's FB Messenger Live Chat by Zotabox, which has recently been disclosed to have a persistent XSS vulnerability.

Popular Plugin Ninja Forms Vulnerable to Arbitrary File Upload & Path Traversal

Ninja Forms is a WordPress plugin that lets websites create and customize forms just by dragging and dropping. Moreover, it is currently in use on 1 million+ websites. This figure hints at the popularity Ninja Forms was enjoying when the news of Ninja Forms' "File upload" extension being vulnerable to arbitrary file upload and path traversal surfaced a day ago. And it was quite a shocker.

Git Repositories (GitHub, GitLab & BitBucket) Hacked

This weekend, another piece of shocking news started doing the rounds. Git repositories, the distributed version control for open source software, were hacked. It includes GitHub, GitLab & Bitbucket as its extended channels. According to GitHub search, as many as 392 user accounts have been hacked. Further, the malefactor has deleted programmers' source code and version histories and replaced it.

How to set secure File Permissions in Magento 1.x & 2.x?

Even though open source CMSs are the current go-to software in the cyber world, they open doors to threats as well. To keep your files secure, you need to have the most secure file permissions in place. Not having strict enough file & folder permissions raises the risk of them getting compromised. So, in this article I will walk you through the ins and outs of Magento file permissions.

Fake Payment Method Added in Magento Store - Credit Card Info Getting Leaked

In this attack, the hacker either adds a new payment method or plants a fake payment form. These tricks let him fish for valuable credit card info. This particular hack was disclosed when a Magento user reported to us that something fishy was going on with his website's payment gateway. When our engineers scanned the website, they found that it had indeed been hacked.

PrestaShop Caught in Spam Exploit

PrestaShop, needless to say, is one of the big names in the e-commerce industry. According to Wikipedia, this free open-source CMS is currently being used by 250,000 online stores worldwide and is maintained and regulated by an efficient team of more than a hundred members. However, we still cannot vouch for its immunity to cyber attacks. After being affected by spam last year, PrestaShop is again hit in the same place.

PHP Firewall & Hack Removal Plugin

PHP (Hypertext Preprocessor) might be an old coding language, but it is still crowned with the title of being the most popular one. The A-listed companies that use PHP as their language include Magento, WordPress, Joomla, Laravel, Opencart and Drupal, among many others. But as it goes, popularity is accompanied by threats, and PHP is no exception. In fact, no coding language is protected against hacking, but the recent trail of PHP-based CMSs being attacked one after the other is a matter to ponder. The best way to keep these attacks in check is by using a PHP firewall.
