Jupiter X Core WordPress plugin could let hackers hijack sites
Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files…
Category: Bleeping Computer
Last call for mWISE, the security conference for frontline practitioners.
We’re down to the final weeks of registration for mWISE, the highly targeted, community-focused cybersecurity conference from Mandiant, now part of Google Cloud. It takes…
New Whiffy Recon malware uses WiFi to triangulate your location
Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location of infected devices through WiFi…
New Windows updates cause UNSUPPORTED_PROCESSOR blue screens
Microsoft says the August 2023 preview updates released this week for Windows 11 and Windows 10 systems are causing blue screens with errors mentioning an…
Exploit released for Ivanti Sentry bug abused as zero-day in attacks
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable…
Hackers use public ManageEngine exploit to breach internet org
The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho’s ManageEngine ServiceDesk to compromise an internet backbone…
Lapsus$ teen hackers convicted of high-profile cyberattacks
A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded…
The MOVEit hack and what it taught us about application security
When a cyberattack like the 2023 MOVEit hack makes global news headlines, attention often focuses on the names of the affected organizations, or the number…
Windows 10 KB5029331 update introduces a new Backup app
Microsoft has released the optional KB5029331 Preview cumulative update for Windows 10 22H2 with sixteen improvements or fixes, including the introduction of a new Backup…
Bitwarden releases free and open-source E2EE Secrets Manager
Bitwarden, the maker of the popular open-source password manager tool, has released ‘Secrets Manager,’ an end-to-end encrypted secrets manager for IT professionals, software development teams,…
Over 3,000 Openfire servers vulnerable to takover attacks
Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts.…
Discord starts notifying users affected by March data breach
Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to let them know what Personal…