Hackers abuse WordPress MU-Plugins to hide malicious code
Hackers are utilizing the WordPress mu-plugins (“Must-Use Plugins”) directory to stealthily run malicious code on every page while evading detection....
Read more →News Archive
View All →
CrushFTP Vulnerability Exploited to Bypass Authentication
A critical vulnerability (CVE-2025-2825) in CrushFTP, a widely used enterprise file transfer solution, allows attackers to bypass authentication and gain...
Read more →
UK law enforcement data adequacy at risk
The UK government has introduced its Data Use and Access Bill (DUAB) to Parliament, but proposed reforms to police data...
Read more →
NVIDIA NeMo Guardrails | Daniel Miessler
One of the biggest challenges companies are facing right now with AI systems is how to deploy them securely. Especially...
Read more →
Hacker linked to Oracle Cloud intrusion threatens to sell stolen data
The threat actor that claimed responsibility for an alleged data breach at Oracle Cloud is threatening to release or sell...
Read more →
North Korean hackers adopt ClickFix attacks to target crypto firms
The notorious North Korean Lazarus hacking group has reportedly adopted ‘ClickFix’ tactics to deploy malware targeting job seekers in the...
Read more →
Cannon Printer Vulnerability Let Attackers Execute Arbitrary Code
Canon has issued a critical security advisory regarding a severe vulnerability detected in several of its printer drivers that could...
Read more →
Zoom software leading to BlackSuit Ransomware drop on Windows
Zoom, the popular video conferencing software widely used by businesses across the globe for meetings and virtual collaboration, has recently...
Read more →
Understanding of ‘black box’ IT systems will reduce Post Office scandal-like risk
Another Post Office scandal could be avoided if leaders in public bodies understand the “black box” IT systems that run...
Read more →
Apple’s LifeOS | Daniel Miessler
iOS17 highlighted at WWDC 2023 I think Apple is building LifeOS. I made a prediction the month before the iPhone...
Read more →
CISA warns new malware targeting Ivanti zero-day vulnerability
Dive Brief: The Cybersecurity and Infrastructure Security Agency on Friday issued an alert for a new malware variant, dubbed Resurge,...
Read more →
The North Korea worker problem is bigger than you think
North Korean nationals have infiltrated businesses across the globe with a more expansive level of organization and deep-rooted access than...
Read more →