Hackers exploit critical RCE flaw in Bricks WordPress site builder
Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. The…
Category: Bleeping Computer
Hacker arrested for selling bank accounts of US, Canadian users
Ukraine’s cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold it…
Anatsa Android malware downloaded 150,000 times via Google Play
The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. Over the past four…
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia’s Main Intelligence Directorate of the General Staff (GRU) to proxy…
New Google Chrome feature blocks attacks against home networks
Google is testing a new feature to prevent malicious public websites from pivoting through a user’s browser to attack devices and services on internal, private…
ALPHV ransomware claims loanDepot, Prudential Financial breaches
The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. The two companies…
Wyze investigating ‘security issue’ amid ongoing outage
Wyze Labs is investigating a security issue while experiencing a service outage that has been causing connectivity issues since this morning. In an incident report…
SolarWinds fixes critical RCE bugs in access rights audit solution
SolarWinds has patched five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities that allow unauthenticated exploitation.…
North Korean hackers now launder stolen crypto via YoMix tumbler
The North Korean hacker collective Lazarus, infamous for having carried out numerous large-scale cryptocurrency heists over the years, has switched to using YoMix bitcoin mixer…
Turla hackers backdoor NGOs with new TinyTurla-NG malware
Security researchers have identified and analyzed new malware they call TinyTurla-NG and TurlaPower-NG used by the Russian hacker group Turla to maintain access to a…
Three critical application security flaws scanners can’t detect
In today’s interconnected world, web application security is crucial for business continuity. Yet, web application attacks are now involved in 25% of all breaches. While…
Over 13,000 Ivanti gateways vulnerable to actively exploited bugs
Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the…