Critical GiveWP Vulnerability (CVE-2024-5932) Fixed
The GiveWP plugin, a widely used donation and fundraising tool for WordPress, has recently undergone a crucial update to address a severe security flaw. This…
Category: TheCyberExpress
Copy2pwn Bypasses Windows Mark Of The Web Security Feature
Security experts recently uncovered a vulnerability, CVE-2024-38213, that allows threat actors to bypass Windows’ Mark-of-the-Web (MotW) protections through copy-and-paste operations. This vulnerability, dubbed “copy2pwn,” highlights…
Data Exposure Flaw Found In Oracle’s NetSuite SuiteCommerce
Oracle’s NetSuite, a popular Enterprise Resource Planning (ERP) platform, has a feature that allows businesses to deploy an external-facing store using SuiteCommerce or SiteBuilder. This…
The Week’s Top Vulnerabilities: SAP, Ivanti, AMD, Microsoft
Between the Black Hat and DEF CON conferences and Patch Tuesday, it’s been a very busy week for security vulnerabilities. Cyble researchers investigated 40 vulnerabilities…
Hackers Launches World Agricultural Cycling Competition Scam
Researchers have uncovered a sophisticated phishing scam targeting participants of the World Agricultural Cycling Competition (WACC). The campaign cleverly mimics the official WACC website to…
Azure Sign-ins: Microsoft Makes MFA Mandatory
In a significant move to fortify the security posture of its cloud platform, Microsoft is implementing mandatory Multi-Factor Authentication (MFA) for all Azure sign-ins. This…
Central Bank Of Iran Hit By Devastating Cyberattack
The Central Bank of Iran (CBI) and several other banks in the country fell victim to a significant cyberattack on August 14, 2024. This incident…
FBI And CISA Says Threats Won’t Affect Election-Day Cybersecurity
In a joint effort to address the growing concerns surrounding election-day cybersecurity, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency…
Cloud Extortion Campaign Hacks AWS .Env Files To Ransom Data
Researchers have uncovered an extortion campaign that targeted more than 100,000 domains by using misconfigured AWS environment variable files (.env files) to ransom data in cloud…
Massive AI-Controlled X Disinformation Network Linked To China
Researchers have uncovered a network of at least 5,000 fake X (formerly Twitter) accounts that appear to be controlled by AI in a disinformation campaign…
GitHub Actions Artifacts Expose Sensitive Tokens In Major Repos
GitHub repositories have become a crucial part of modern software development, allowing teams to collaborate, build, and deploy code. However, a critical vulnerability has been…
Russia Spreading Deepfakes And Misinformation On Kursk Offensive, Says Ukraine
Deepfakes and Misinformation: Russia’s old but renewed playbook! As Ukraine continues to bomb the Russian border region of Kursk in a “surprise incursion” with missiles…