Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free...
Read more →Category: Securityaffairs
WordPress sites using the Ultimate Member plugin are under attackSecurity Affairs
Threat actors are exploiting a critical WordPress zero-day in the Ultimate Member plugin to create secret admin accounts. Hackers are...
Read more →
LockBit gang demands a $70 million ransom to the Semiconductor Manufacturing giant TSMCSecurity Affairs
The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed...
Read more →
Avast released a free decryptor for Windows version of Akira ransomwareSecurity Affairs
Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the...
Read more →
Iran-linked Charming Kitten APT enhanced its POWERSTAR BackdoorSecurity Affairs
Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm...
Read more →
North Korean Andariel APT used a new malware named EarlyRatSecurity Affairs
North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously...
Read more →
miniOrange’s WordPress Social Login and Register plugin affected by a critical auth bypassSecurity Affairs
A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a...
Read more →
The phone monitoring app LetMeSpy disclosed a data breachSecurity Affairs
Android app LetMeSpy disclosed a security breach, sensitive data associated with thousands of Android users were exposed. The phone monitoring app LetMeSpy...
Read more →
Previously undetected ThirdEye appears in the threat landscapeSecurity Affairs
A new Windows information stealer dubbed ThirdEye appeared in the threat landscape, it has been active since April. Fortinet FortiGuard Labs discovered...
Read more →
Former Group-IB manager has been arrested in KazahstanSecurity Affairs
The former head of network security at Group-IB has been arrested in Kazakhstan based on a request from U.S. law...
Read more →
Experts published PoC for Arcserve UDP auth bypass issueSecurity Affairs
Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor...
Read more →
Using Electromagnetic Fault Injection Attacks to take over dronesSecurity Affairs
Electromagnetic fault injection (EMFI) attacks on drones can potentially allow attackers to achieve arbitrary code execution and take over them....
Read more →