FreshRSS 信息泄露漏洞

FreshRSS is a free, self-hosted RSS aggregator from the FreshRSS open source. An information disclosure vulnerability exists in versions of FreshRSS prior to 1.20.2 that stems from a remote user being able to access user configuration files, such configurations contain hashed passwords for the we...

Google Pulls Adware Extensions from Chrome Store

Two Chrome extensions went from legitimate browsing ad-ons to adware-spewing nuisances in the blink of a legitimate transaction. Google recently took action against the Add to Feedly and Tweet this Page extensions, removing both from the Chrome Store after they were sold to adware brokers and fou...

Google Reader Used in Koobface Attack

The attackers behind the insidious Koobface worm have taken to using Google Reader accounts that they control to spread the worm through shared Reader items. The infection method–which has been used before by Facebook worms–is another indication of the resilience and changing tactics the malware...

Google Reader cross-site request forgery vulnerability

Overview Google Reader is vulnerable to a persistent cross-site request forgery attack that may be exploited by a specially crafted RSS feed. Description Google Reader is an online RSS feed reader. It can display text and images when displaying RSS feeds.Google Reader contains a cross-site reques...