Popular WordPress Security Plugin Caught Logging Plaintext Passwords
The All-In-One Security (AIOS) WordPress plugin was found to be logging plaintext passwords from login attempts. Installed on more than...
Read more →Category: SecurityWeek
3 Tax Prep Firms Shared ‘Extraordinarily Sensitive’ Data About Taxpayers With Meta, Lawmakers Say
Three large tax preparation firms sent “extraordinarily sensitive” information on tens of millions of taxpayers to Facebook parent company Meta...
Read more →
Juniper Networks Patches High-Severity Vulnerabilities in Junos OS
Networking appliances maker Juniper Networks on Wednesday announced software updates that patch multiple high-severity vulnerabilities in Junos OS, Junos OS...
Read more →
Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue
Apple has re-released its latest Rapid Security Response updates for iOS and macOS after fixing a website access issue caused...
Read more →
SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products
SonicWall on Wednesday announced patches for 15 vulnerabilities in its Global Management System (GMS) and Analytics products, including four critical-severity...
Read more →
APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure
An unnamed advanced persistent threat (APT) group has set its sights on two Rockwell Automation product vulnerabilities that they could...
Read more →
Orca Sues Wiz Over Alleged Cloud Security Patent Violations
The simmering rivalry between Israeli cloud security unicorns Orca and Wiz erupted in the open Wednesday with Orca filing a...
Read more →
Hardcoded Accounts Allow Full Takeover of Technicolor Routers
Multiple hardcoded credentials found on the Technicolor TG670 DSL gateway router allow attackers to completely take over devices, the CERT...
Read more →
Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies
The application of artificial intelligence is still in its infancy, but we are already seeing one major effect: the democratization...
Read more →
Chinese Cyberspies Used Forged Authentication Tokens to Hack Government Emails
Microsoft reported on Tuesday that a Chinese cyberespionage group it tracks as Storm-0558 was recently spotted using forged authentication tokens...
Read more →
MOVEit: Testing the Limits of Supply Chain Security
Since late last month, a Russian cyber-extortion gang has been exploiting a flaw in a widely used software known as...
Read more →
Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu
Citrix on Tuesday announced the release of patches for a critical-severity vulnerability in the Secure Access client for Ubuntu that...
Read more →