Plugins on WordPress.org backdoored in supply chain attack
A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that...
Read more →Author: Cybernoz
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)
Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer...
Read more →
EU Sanctions Russia-Linked Threat Actors
The European Union has extended its sanctions against threat actors after adding six Russian and Ukrainian nationals to its restrictive...
Read more →
Polyfill.io JavaScript supply chain attack impacts over 100K sites
Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain...
Read more →
CDK Global faced second ransomware attack
CDK Global, a prominent provider of software solutions for automotive sales and services across 15,000 dealerships, recently faced significant disruptions...
Read more →
Mirai-like botnet is exploiting recently disclosed Zyxel NAS flaw
Mirai-like botnet is exploiting recently disclosed Zyxel NAS flaw Pierluigi Paganini June 25, 2024 Researchers warn that a Mirai-based botnet...
Read more →
New Medusa malware variants target Android users in seven countries
The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting...
Read more →
Ransomware attacks on obsolete Android devices
Attention Android users still on versions 11 or earlier: A critical security update demands your immediate attention. Multiple hacking groups...
Read more →
European Commission declares Microsoft’s bundling of Teams with M365 anti-competitive
Microsoft broke European Union (EU) antitrust rules by bundling in its cloud-based communications and collaboration software Teams when users purchased...
Read more →
How to Find XSS | HackerOne
What Is XSS? XSS, short for Cross-Site Scripting, is a common type of vulnerability in web applications that executes arbitrary...
Read more →
Client, Employee Data At Risk?
The notorious BlackBasta ransomware group is claiming credit for carrying out cyberattacks on major multinationals in the U.S. The ransomware...
Read more →
Neiman Marcus confirms data breach after Snowflake account hack
Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company’s database stolen in...
Read more →