Popular WordPress redirect plugin hid dormant backdoor for years
The Quick Page/Post Redirect plugin, installed on more than 70,000 WordPress sites, had a backdoor added five years ago that allows injecting arbitrary code into users’…
Latest Cybersecurity News — Page 20
View all →
New EtherRAT Variant Uses Trojanized Tftpd64 Installer to Bridge Web2 Malware and Web3 Theft
A new and more dangerous type of malware is quietly targeting Windows users by hiding inside a trusted software installer. Cybercriminals have combined traditional malware…
Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets
Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP…
Polymarket Rejects Data Breach Claims as Hacker Alleges 300K Records Stolen
A hacker called Xorcat claims to have stolen a massive 300,000 records from Polymarket. It is the world’s largest decentralised cryptocurrency-based prediction market where users…
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
Every security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then…
MP committees to double up on Capita’s civil service pension crisis
Two Parliamentary committees will come together to look deeper into the failings associated with Capta’s takeover of the Civil Service Pension Scheme (CSPS). The Public…
276 Arrested In Operation Tri-Force Sentinel Global Bust
In a major international enforcement action, Operation Tri-Force Sentinel, led by Dubai Police, in coordination with the FBI and Chinese Police, has dismantled a large…
‘Copy Fail’ Linux privesc bug lay dormant in kernel since 2017
A logic flaw sitting undetected in the Linux kernel for nearly nine years lets any unprivileged local user gain root access on virtually every mainstream…
Iranian Cyber Group Handala Targets US Troops in Bahrain
The Iran-linked threat actor Handala this week targeted US troops in Bahrain in an influence campaign carried out on WhatsApp. The messages, signed Handala and…
ShinyHunters exploit Anodot incident to target Vimeo
ShinyHunters exploit Anodot incident to target Vimeo Pierluigi Paganini April 29, 2026 The video platform Vimeo confirmed a security breach via Anodot that exposed metadata,…
Australia Post partners with Alpha Level to expand AI-driven cyber threat detection
Australia Post has partnered with AI security firm Alpha Level to apply machine learning to cyber threat detection across its national network, including systems used…
Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years
The third potential target that matched the rules, Modelo Hidrodinâmico (MOHID), is an open-source water modeling system developed at the Instituto Superior Técnico in Lisbon,…