Critical Forminator plugin flaw impacts over 300k WordPress sites
The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server.…
Category: Bleeping Computer
The Week in Ransomware – April 19th 2024
While ransomware attacks decreased after the LockBit and BlackCat disruptions, they have once again started to ramp up with other operations filling the void. A…
CrushFTP warns users to patch exploited zero-day “immediately”
CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their…
United Nations agency investigates ransomware attack, data theft
The United Nations Development Programme (UNDP) is investigating a cyberattack after threat actors breached its IT systems to steal human resources data. UNDP, the UN’s…
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data
An operator of the HelloKitty ransomware operation announced they changed the name to ‘HelloGookie,’ releasing passwords for previously leaked CD Projekt source code, Cisco network…
MITRE says state hackers breached its network via Ivanti zero-days
The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. The incident was discovered…
22,500 Palo Alto firewalls “possibly vulnerable” to ongoing attacks
Approximately 22,500 exposed Palo Alto GlobalProtect firewall devices are likely vulnerable to the CVE-2024-3400 flaw, a critical command injection vulnerability that has been actively exploited…
Fake cheat lures gamers into spreading infostealer malware
A new info-stealing malware linked to Redline poses as a game cheat called ‘Cheat Lab,’ promising downloaders a free copy if they convince their friends to install…
Frontier Communications shuts down systems after cyberattack
American telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack. Frontier is a…
Google ad impersonates Whales Market to push wallet drainer malware
A legitimate-looking Google Search advertisement for the crypto trading platform ‘Whales Market’ redirects visitors to a wallet-draining phishing site that steals all of your assets.…
Akira ransomware raked in $42 million from 250+ victims
According to a joint advisory from the FBI, CISA, Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL), the Akira ransomware operation…
840-bed hospital in France postpones procedures after cyberattack
The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing…