If not for Cenzic’s CIA [Cenzic Intelligent Analysis] Research Lab which notified Yahoo on May 23 that Yahoo Mail is facing serious risk from online attackers due to a Cross Site Scripting (XSS) vulnerability, millions of Yahoo mail users might have been victimized already. XSS flaws are said to be the most common and risky vulnerability [...]

Yahoo has fixed a vulnerability in its e-mail program that could allow a hacker to get access to a person's account.

When Internet providers hire third-party companies to serve up advertisements on unused Web pages, that creative attempt to make money can open major security vulnerabilities they can't control, a researcher has found. One such vulnerability ...

ISPs, including Earthlink, that seek to make money from customers' mistyped URLs put the entire internet at risk from hackers that steal passwords, a security researcher reveals Saturday. While the immediate vulnerability is fixed, the practice of returning ads instead of error