Hackers target vulnerable WordPress Elementor plugin after PoC released
Hackers are now actively probing for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in massive...
News
KeePass exploit helps retrieve cleartext master password, fix coming soon
The popular KeePass password manager is vulnerable to extracting the master password from the application's memory, allowing attackers who compromise...
WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities
Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide
A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious...
Zero Trust + Deception: Join This Webinar to Learn How to Outsmart Attackers!
Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. To stay ahead of current and future attacks,...
Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks
The rising geopolitical tensions between China and Taiwan in recent months have sparked a noticeable uptick in cyber attacks on...
How to Reduce Exposure on the Manufacturing Attack Surface
Digitalization initiatives are connecting once-isolated Operational Technology (OT) environments with their Information Technology (IT) counterparts. This digital transformation of the...
8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers...
Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands
A U.S. national has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information...
Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks
Cisco has released updates to address a set of nine security flaws in its Small Business Series Switches that could...
Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions
Apple has announced that it prevented over $2 billion in potentially fraudulent transactions and rejected roughly 1.7 million app submissions...
Cisco warns of critical switch bugs with public exploit code
Cisco warned customers today of four critical remote code execution vulnerabilities with public exploit code affecting multiple Small Business Series...
FBI confirms BianLian ransomware switch to extortion only attacks
A joint Cybersecurity Advisory from government agencies in the U.S. and Australia, and published by the Cybersecurity and Infrastructure Security...
ScanSource says ransomware attack behind multi-day outages
Technology provider ScanSource has announced it has fallen victim to a ransomware attack impacting some of its systems, business operations, and...
Malicious Microsoft VSCode extensions steal passwords, open remote shells
Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times....
MalasLocker ransomware targets Zimbra servers, demands charity donation
Image: Bing Create A new ransomware operation is hacking Zimbra servers to steal emails and encrypt files. However, instead of...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users
A hacking group dubbed OilAlpha with suspected ties to Yemen's Houthi movement has been linked to a cyber espionage campaign...
Identifying a Patch Management Solution: Overview of Key Criteria
Software is rarely a one-and-done proposition. In fact, any application available today will likely need to be updated – or...
Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that...
State-Sponsored Sidewinder Hacker Group’s Covert Attack Infrastructure Uncovered
Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in...
Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party...
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against...
