WordPress security plugin WP Ghost vulnerable to remote code execution bug
Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely...
Read more →Category: Bleeping Computer
GitHub Action supply chain attack exposed secrets in 218 repos
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it...
Read more →
HellCat hackers go on a worldwide Jira hacking spree
Swiss global solutions provider Ascom has confirmed a cyberattack on its IT infrastructure as a hacker group known as Hellcat...
Read more →
Ukrainian military targeted in new Signal spear-phishing attacks
Ukraine’s Computer Emergency Response Team (CERT-UA) is warning about highly targeted attacks employing compromised Signal accounts to send malware to...
Read more →
Pennsylvania education union data breach hit 500,000 people
The Pennsylvania State Education Association (PSEA), the largest public-sector union in Pennsylvania, is notifying over half a million individuals that...
Read more →
Kali Linux 2025.1a released with 1 new tool, annual theme refresh
Kali Linux has released version 2025.1a, the first version of 2025, with one new tool, desktop changes, and a theme...
Read more →
Malware campaign ‘DollyWay’ breached 20,000 WordPress sites
A malware operation dubbed ‘DollyWay’ has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites....
Read more →
Microsoft Exchange Online outage affects Outlook web users
Microsoft is investigating an ongoing outage preventing Outlook on the web users from accessing their Exchange Online mailboxes. According to...
Read more →
New Arcane infostealer infects YouTube, Discord users via game cheats
A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps,...
Read more →
Microsoft fixes Windows update bug that uninstalled Copilot
Microsoft has fixed a bug causing the March 2025 Windows cumulative updates to mistakenly uninstall the AI-powered Copilot digital assistant...
Read more →
Click Profit blocked by the FTC over alleged e-commerce scams
The US Federal Trade Commission (FTC) has taken action against the “Click Profit” business opportunity scheme for allegedly earning $14 million...
Read more →
WhatsApp patched zero-click flaw exploited in Paragon spyware attacks
WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware following reports from security researchers at the...
Read more →