Hundreds of Thousands of eCommerce Sites Impacted by Critical Plugin Vulnerability
Hundreds of thousands of ecommerce websites could be exposed to attacks due to a critical vulnerability in the WooCommerce Stripe Payment Gateway plugin. Tracked as…
Category: SecurityWeek
SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates
SAP on Tuesday announced the release of eight new security notes as part of its June 2023 Security Patch Day, including two notes that address…
Chrome 114 Update Patches Critical Vulnerability
Google on Tuesday announced a new Chrome 114 update that resolves five vulnerabilities, including four critical- and high-severity bugs reported by external researchers. The most…
ICS Patch Tuesday: Siemens Addresses Over 180 Third-Party Component Vulnerabilities
Siemens and Schneider Electric on Tuesday released a total of 16 advisories addressing well over 200 vulnerabilities affecting their industrial products. Siemens Siemens has released…
Spotify Fined $5 Million for Breaching EU Data Rules
Music streaming giant Spotify was on Tuesday fined 58 million kronor ($5.4 million) for not properly informing users on how data it collected on them…
Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks
Fortinet warned customers on Monday that the recently patched vulnerability tracked as CVE-2023-27997 could be a zero-day flaw that has been exploited in limited attacks.…
Data of 8.8 Million Zacks Users Emerges Online
A database containing the personal information of more than 8.8 million Zacks Investment Research users has emerged on a hacking forum. According to data breach…
Ransomware Attack Played Major Role in Shutdown of Illinois Hospital
St. Margaret’s Health is shutting down hospitals and other facilities in Peru and Spring Valley, Illinois, and says a 2021 ransomware attack is partly to…
New Research Shows Potential of Electromagnetic Fault Injection Attacks Against Drones
New research shows the potential of electromagnetic fault injection (EMFI) attacks against unmanned aerial vehicles, with experts showing how drones that don’t have any known…
Romanian Operator of Bulletproof Hosting Service Sentenced to Prison in US
A Romanian national who operated a bulletproof hosting service used by trojans such as Gozi, Zeus, and SpyEye was sentenced to three years in prison…
Virtual Event Today: CISO Forum 2023 – Register to Join
SecurityWeek’s 2023 CISO Forum Virtual Summit is taking place June 13-14 as a fully immersive online experience. Designed for senior level cybersecurity leaders to discuss,…
CosmicEnergy ICS Malware Poses No Immediate Threat, but Should Not Be Ignored
The recently discovered CosmicEnergy malware, which is designed to target industrial control systems (ICS), does not pose an immediate threat to operational technology (OT), but…