Website errors can be a real test of patience. One common culprit is the 502 bad gateway error. Known for its ubiquity across the web, it doesn’t discriminate between small WordPress sites or well-known services like Gmail, Twitter, or Instagram. You may encounter a 502 Bad Gateway error when a server upstream (i.e. one closer to the website than the...

Encountering the HTTP Error 429 can be frustrating for both website owners and users. Error 429 is an HTTP status code indicating that a user has sent too many requests in a given amount of time. Websites and servers implement rate limiting to manage their resources efficiently and ensure equitable access for all users. In this post, we’ll dive into...

One of our analysts recently identified a new Mal.Metrica redirect scam on compromised websites, but one that requires a little bit of effort on the part of the victim. It’s another lesson for web users to be careful what they click on, and to be wary of anything suspicious that pops up in their browser — even if it’s coming from a website that they...

Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates...

Navigating the world of website security can feel like stepping into a minefield, especially when you have to navigate threats like zero-day vulnerabilities. Zero-days are security flaws that, worryingly, remain hidden from everyone involved — from dev teams and users, to even the most conscientious vulnerability researchers. In this post, we’ll take...

Cookie hijacking involves unauthorized access to cookies, which are small pieces of data stored on your browser by websites you visit. Cookies often contain sensitive information, including session tokens that authenticate users to a web application. By hijacking these cookies, attackers can impersonate users and gain unauthorized access to private...