Author: Cybernoz

27 Dec 2022

Hackers exploit bug in WordPress gift card plugin with 50K installs

Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000…

27 Dec 2022

Best Python Security Tools for Penetration Testers 2023

There are a variety of Python security tools in use in the cybersecurity industry, and Python is one of the…

27 Dec 2022

NodeBB prototype pollution flaw could lead to account takeover

‘Not a prototype pollution vulnerability as you might normally understand it’ NodeBB, a Node.js platform for creating forum applications, has…

27 Dec 2022

Lensa AI and ‘Magic Avatars’: What to Know Before Using the App

Has the stale selfie that’s served as your profile picture gone a little too long without a refresh? You’ve likely seen friends…

27 Dec 2022

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

Dec 19, 2022Ravie LakshmananData Security / Endpoint Security A Rust variant of a ransomware strain known as Agenda has been…

27 Dec 2022

The Week in Ransomware – December 23rd 2022

Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate…

27 Dec 2022

JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs

John Leyden | 09 December 2022 at 13:17 UTC | Updated: 15 December 2022 at 17:06 UTC | Five vendors act to thwart…

27 Dec 2022

Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking

Apache had to scramble at the beginning of December 2021 to be ready to release patches for Log4Shell when it…

27 Dec 2022

Cybercrime (and Security) Predictions for 2023

Dec 19, 2022The Hacker NewsPassword Policy / Data Security Threat actors continue to adapt to the latest technologies, practices, and…

27 Dec 2022

New info-stealer malware infects software pirates via fake cracks sites

A new information-stealing malware named ‘RisePro’ is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install (PPI) malware…

27 Dec 2022

ChatGPT bid for bogus bug bounty is thwarted

Improving large language models offer ‘just one more way to attack code, and one more way to defend code’ A…

27 Dec 2022

Attackers Keep Targeting the US Electric Grid

We at WIRED have written plenty about the threat that cyberattacks pose to power grids worldwide. But lately, the most…