Category: TheCyberExpress

GiveWP Vulnerability
20
Aug
2024

Critical GiveWP Vulnerability (CVE-2024-5932) Fixed

The GiveWP plugin, a widely used donation and fundraising tool for WordPress, has recently undergone a crucial update to address…

Copy2Pwn CVE-2024-38213
17
Aug
2024

Copy2pwn Bypasses Windows Mark Of The Web Security Feature

Security experts recently uncovered a vulnerability, CVE-2024-38213, that allows threat actors to bypass Windows’ Mark-of-the-Web (MotW) protections through copy-and-paste operations….

NetSuite's SuiteCommerce oracle
17
Aug
2024

Data Exposure Flaw Found In Oracle’s NetSuite SuiteCommerce

Oracle’s NetSuite, a popular Enterprise Resource Planning (ERP) platform, has a feature that allows businesses to deploy an external-facing store…

Weekly Vulnerability Report
17
Aug
2024

The Week’s Top Vulnerabilities: SAP, Ivanti, AMD, Microsoft

Between the Black Hat and DEF CON conferences and Patch Tuesday, it’s been a very busy week for security vulnerabilities….

World Agricultural Cycling Competition Scam
16
Aug
2024

Hackers Launches World Agricultural Cycling Competition Scam

Researchers have uncovered a sophisticated phishing scam targeting participants of the World Agricultural Cycling Competition (WACC). The campaign cleverly mimics…

Azure sign-in Multi-Factor Authentication
16
Aug
2024

Azure Sign-ins: Microsoft Makes MFA Mandatory

In a significant move to fortify the security posture of its cloud platform, Microsoft is implementing mandatory Multi-Factor Authentication (MFA)…

Central Bank of Iran Cyberattack
16
Aug
2024

Central Bank Of Iran Hit By Devastating Cyberattack

The Central Bank of Iran (CBI) and several other banks in the country fell victim to a significant cyberattack on…

Ransomware on Election-day cybersecurity
16
Aug
2024

FBI And CISA Says Threats Won’t Affect Election-Day Cybersecurity

In a joint effort to address the growing concerns surrounding election-day cybersecurity, the Federal Bureau of Investigation (FBI) and the…

AWS S3 ransom note
16
Aug
2024

Cloud Extortion Campaign Hacks AWS .Env Files To Ransom Data

Researchers have uncovered an extortion campaign that targeted more than 100,000 domains by using misconfigured AWS environment variable files (.env files)…

Chinese disinformation campaign on X
15
Aug
2024

Massive AI-Controlled X Disinformation Network Linked To China

Researchers have uncovered a network of at least 5,000 fake X (formerly Twitter) accounts that appear to be controlled by…

GitHub Actions Artifacts GitHub Tokens
15
Aug
2024

GitHub Actions Artifacts Expose Sensitive Tokens In Major Repos

GitHub repositories have become a crucial part of modern software development, allowing teams to collaborate, build, and deploy code. However,…

Deepfakes and Misinformation, Fakes, Disinformation, Kursk, Russia, Ukraine, Kremlin, Putin, CCD, The Center for Countering Disinformation, Deepfake, Misinformation, Russian Propaganda, War Crime, Missiles and Drones
14
Aug
2024

Russia Spreading Deepfakes And Misinformation On Kursk Offensive, Says Ukraine

Deepfakes and Misinformation: Russia’s old but renewed playbook! As Ukraine continues to bomb the Russian border region of Kursk in…