XSS Bug in SEOPress WordPress Plugin Allows Site Takeover
The bug would allow a number of malicious actions, up to and including full site takeover. The vulnerable plugin is installed on 100,000 websites. [...]
The bug would allow a number of malicious actions, up to and including full site takeover. The vulnerable plugin is installed on 100,000 websites. [...]
CAPTCHA-protected malicious URLs are snowballing lately, researchers said. [...]
A crush of new attacks using the well-known adware involves at least 150 updated samples, many of which aren't recognized by Apple's built-in security controls. [...]
The out-of-band warning pairs with a working proof-of-concept exploit for the issue, circulating since mid-July. [...]
Spam was on the rise in Q2, with video fraud and COVID-19-related efforts in the mix. [...]
Microsoft's August 2021 Patch Tuesday addressed a smaller set of bugs than usual, including more Print Spooler problems, a zero-day and seven critical vulnerabilities. [...]
The dangerous malware has been rapidly developed since June and could be released into the wild soon. [...]
A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks. [...]
The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. [...]
Prior to a patch, a serious bug could have allowed attackers to take over Kindles and steal personal data. [...]
Security researchers warned that at least 8,800 vulnerable systems are open to compromise. [...]
A researcher was able to remotely control the lights, bed and ventilation in "smart" hotel rooms via Nasnos vulnerabilities. [...]
The second quarter of the year saw the highest volumes of ransomware attacks ever, with Ryuk leading the way. [...]
Using a lure relating to a lawsuit against the owner of Jack Daniels whiskey, the cybergang launched a campaign that may be bent on ransomware deployment. [...]
The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it's unclear if the ransom was paid. [...]
The “Evernote for creatives” is anchoring a rapidly spiking phishing campaign, evading SEGs with ease. [...]
Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers. [...]
Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others. [...]
The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. [...]
The newly documented code is a full-service malware-delivery threat that's spreading indiscriminately globally through paid search ads. [...]
A format-string bug believed to be a low-risk denial-of-service issue turns out to be much nastier than expected. [...]
Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited. [...]
Candiru, aka Sourgum, allegedly sells the DevilsTongue surveillance malware to governments around the world. [...]
The popular e-commerce platform for WordPress has started deploying emergency patches. [...]
The attackers have spruced up the 'vncDll' module used for spying on targets and stealing data. [...]