Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. [...]
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. [...]
Cybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users. [...]
The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers. [...]
An Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others. [...]
The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications. [...]
The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users. [...]
The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. [...]
Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses. [...]
The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating. [...]
An analysis of second-quarter malware trends shows that threats are becoming stealthier. [...]
A former medical records tech stole PII that was then used to fraudulently claim DoD and VA benefits, particularly targeting disabled veterans. [...]
The group uses millions of password combos at the rate of nearly 2,700 login attempts per minute with new techniques that push the ATO envelope. [...]
Researchers have demonstrated that someone could use a stolen, locked iPhone to pay for thousands of dollars of goods or services, no authentication needed. [...]
Apple's personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS. [...]
The mobile malware has fleeced hundreds of millions of dollars from victims globally, using sophisticated techniques. [...]
A 'nearly impossible to analyze' version of the malware sports a bootkit and 'steal-everything' capabilities. [...]
Income level, education and being part of a disadvantaged population all contribute to cybercrime outcomes, a survey suggests. [...]
The mobile baddie grants itself access to almost everything, enabling spying, data-harvesting, stalking and fraud attacks, among others. [...]
Unauthenticated cyberattackers can also wreak havoc on networking device configurations. [...]
A custom "SparrowDoor" backdoor has allowed the attackers to collect data from targets around the globe. [...]
The issue lies in a parental-control function that's always enabled by default, even if users don't configure for child security. [...]
All a user needs to do is click on an email attachment, and boom – the code is silently executed without the victim knowing. It affects Big Sur and prior versions of macOS. [...]
"Time to find out who in your family secretly ran... [a] QAnon hellhole," said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security. [...]
Organized crime ring thrived on violence, intimidation and $12 million in online fraud profits. [...]
With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier's U.S. network -- all the way from Pakistan. [...]