Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware
Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. The…
Category: Bleeping Computer
The Week in Ransomware – March 8th 2024
We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in…
The Week in Ransomware – March 8th 2024
We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in…
QNAP warns of critical auth bypass flaw in its NAS devices
QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices. The Taiwanese…
Critical Fortinet flaw may impact 150,000 exposed devices
Scans on the public web show that approximately 150,000 Fortinet FortiOS and FortiProxy secure web gateway systems are vulnerable to CVE-2024-21762, a critical security issue…
UnitedHealth brings some Change Healthcare pharmacy services back online
Optum’s Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to…
MiTM phishing attack can let attackers unlock and steal a Tesla
Update: Title and content updated to clarify this is MiTM phishing attack conducted using a Flipper Zero but it could be performed by other devices.…
Microsoft says Russian hackers breached its systems, accessed source code
Microsoft says the Russian ‘Midnight Blizzard’ hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a…
CISA, NSA share best practices for securing cloud services
The NSA and the Cybersecurity and Infrastructure Security Agency (CISA) have released five joint cybersecurity bulletins containing on best practices for securing a cloud environment.…
Flipper Zero WiFi phishing attack can unlock and steal Tesla cars
Update: Title updated to clarify this is phishing attack conducted using a Flipper Zero. An easy phishing attack using a Flipper Zero device can lead…
Play ransomware leaked 65,000 government documents
The National Cyber Security Centre (NCSC) of Switzerland has released a report on its analysis of a data breach following a ransomware attack on Xplain,…
Windows 10 KB5001716 update fails with 0x80070643 errors, how to fix
Microsoft is pushing out a Windows 10 KB5001716 update used to improve Windows Update that is ironically failing to install, showing 0x80070643 errors. Titled ‘KB5001716:…