WordPress AIOS plugin used by 1M sites logged plaintext passwords
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts…
Category: Bleeping Computer
BreachForums owner Pompompurin pleads guilty to hacking charges
Conor Brian Fitzpatrick, aka Pompompurin, the owner of the notorious BreachForums (aka Breached) hacking forum, has pleaded guilty to hacking and child pornography possession charges.…
Criminal IP and Tines Forge Powerful Tech Alliance
In the fast-paced world of cybersecurity, strategic technical partnerships are crucial for staying ahead of emerging threats. Criminal IP, a leading Cyber Threat Intelligence search…
Colorado State University says data breach impacts students, staff
Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent…
Shutterfly says Clop ransomware attack did not impact customer data
Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a…
AVrecon malware infects 70,000 Linux routers to build botnet
Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet…
AVrecon malware infects 70,0000 Linux routers to build botnet
Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers to a botnet…
Cisco SD-WAN vManage impacted by unauthenticated REST API access
The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read or limited write permissions to…
Fake Linux vulnerability exploit drops data-stealing malware
Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. Uptycs analysts discovered…
Windows 11 23H2 coming this fall as a small enablement package
Microsoft announced today that the upcoming Windows 11, version 23H2, will be available in the fourth quarter of 2023 as an enablement package since it…
Google Play will enforce business checks to curb malware submissions
Google is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a…
Zimbra urges admins to manually fix zero-day exploited in attacks
Zimbra urged admins today to manually fix a zero-day vulnerability actively exploited to target and compromise Zimbra Collaboration Suite (ZCS) email servers. This widely adopted…