90,000 WordPress Sites Vulnerable to Local File Inclusion Attacks
A severe security flaw in the Jupiter X Core plugin for WordPress exposed over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks. …
Author: Cybernoz
A Signal Update Fends Off a Phishing Technique Used in Russian Espionage
For more than a decade now, Russian cyberwarfare has used Ukraine as a test lab for its latest hacking techniques, methods that often target Ukrainians…
Going Beyond Authentication – Cyber Security Magazine
User Authentication B2C by Kimberly Biddings, VP of Product, BIO-key International As companies look for multi-factor authentication (MFA) methods to keep them secure they find…
Xerox Versalink Printers Vulnerabilities Could Let Hackers Steal Credentials
Xerox Versalink printers are vulnerable to pass-back attacks. Rapid7 discovers LDAP & SMB flaws (CVE-2024-12510 & CVE-2024-12511). Update firmware now! Rapid7 researchers uncovered security weaknesses…
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Feb 19, 2025The Hacker NewsWindows Security / Malware Users who are on the lookout for popular games were lured into downloading trojanized installers that led…
Warning over privacy of encrypted messages as Russia targets Signal Messenger
Russia-backed hacking groups have developed techniques to compromise encrypted messaging services, including Signal, WhatsApp and Telegram, placing journalists, politicians and activists of interest to the…
Firefox 135.0.1 Released with Fix for High-Severity Memory Safety Vulnerabilities
Mozilla has released Firefox 135.0.1, a stability and security update addressing a high-severity memory safety vulnerability (CVE-2025-1414) that exposed users to potential remote code execution…
90,000 WordPress Sites Exposed to Local File Inclusion Attacks
A critical vulnerability (CVE-2025-0366) in the Jupiter X Core WordPress plugin, actively installed on over 90,000 websites, was disclosed on January 6, 2025. The flaw…
How to Plan a Virtual Training Program?
Virtual training is a type of training that allows employees to learn and train from a remote location. Employees can participate in virtual training programs…
Attackers are chaining flaws to breach Palo Alto Networks firewalls
Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now…
Health Net, Centene Fined $11M For Cybersecurity Failures
Health Net Federal Services, LLC (HNFS) and its parent company, Centene Corporation, have agreed to pay over $11 million to resolve allegations that they falsely…
Yahoo Data Leak – Hackers Allegedly Advertised 602,000 Email Accounts
A hacker operating under the alias “exelo” has allegedly advertised a database containing 602,800 Yahoo email accounts on an underground forum. The post claims the…