The cross-site scripting flaw could enable arbitrary code execution, information disclosure - and even account takeover.

Inadequate sanitization checks result in web security flaw in HTML text editor

Move comes following joint investigation between US and Vietnam

Researchers disclosed flaws in Amazon Alexa that could allow attackers to access personal data and install skills on Echo devices.

By Zara Khan

TikTok also collected unique identifiers and sent them to Byte Dance, its parent company.

This is a post from HackRead.com Read the original post: TikTok collected MAC addresses for Android phones against Google’s ToS

By Waqas

SANS is known for providing high-profile and expensive training on InfoSec and cyber security. Oh, the irony.

This is a post from HackRead.com Read the original post: SANS InfoSec institute loses 28,000 records in phishing attack

A phishing email allowed an attacker to compromise a SANS employee's email environment, the organization reports.

New law would provide California residents with an expanded set of digital rights

By Sudais Asif

The threat actor was able to see the user's transmitted data on the Tor browser and tamper with it for their own ill-motives.

This is a post from HackRead.com Read the original post: 23% of Tor browser relays found to be stealing Bitcoin

Citrix said that it anticipates malicious actors "will move quickly to exploit" two critical flaws in its mobile device management software.