Hacked WordPress sites use visitors’ browsers to hack other sites
Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors’ browsers to bruteforce passwords for other...
Read more →Category: Bleeping Computer
Hackers impersonate U.S. government agencies in BEC attacks
A gang of hackers specialized in business email compromise (BEC) attacks and tracked as TA4903 has been impersonating various U.S....
Read more →
Canada’s anti-money laundering agency offline after cyberattack
The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has announced that a “cyber incident” forced it to take...
Read more →
Duvel says it has “more than enough” beer after ransomware attack
Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in...
Read more →
VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing...
Read more →
Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware
Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the...
Read more →
ScreenConnect flaws exploited to drop new ToddlerShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a...
Read more →
Passwords are Costing Your Organization Money
Passwords play a critical role in most organizations’ security. But they can also represent a significant expense. From the countless...
Read more →
NSA shares zero-trust guidance to limit adversaries on the network
The National Security Agency is sharing new guidance to help organizations limit an adversary’s movement on the internal network...
Read more →
Facebook and Instagram outage logs out users, passwords not working
Facebook and Instagram users worldwide have been logged out of the sites and are having trouble logging in, receiving errors...
Read more →
Apple fixes two new iOS zero-days exploited in attacks on iPhones
Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. “Apple is...
Read more →
New WogRAT malware abuses online notepad service to store malware
A new malware dubbed ‘WogRAT’ targets both Windows and Linux in attacks abusing an online notepad platform named ‘aNotepad’ as...
Read more →