The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...
Dark Reading

Hacking Challenge Shows XSS Still King

Last week, another company got egg on its face by running a "we're-so-secure-you-can't-hack-our-stuff contest." When are companies going to learn claims like that always backfire?The latest "victim" ...
Bleeping Computer

Ukraine arrests suspected admin of XSS Russian hacking forum

The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by the Ukrainian authorities yesterday at the request of the Paris public prosecutor's office. XSS.is is a Russian ...