Showing only posts tagged Security. Show all posts.

Yearlong supply-chain attack targeting security pros steals 390K credentials

Source

A sophisticated and ongoing supply-chain attack operating for the past year has been stealing sensitive login credentials from both malicious and benevolent security personnel by infecting them with Trojanized versions of open source software from GitHub and NPM, researchers said. The campaign, first reported three weeks ago by security …

Critical WordPress plugin vulnerability under active exploit threatens thousands

Source

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of malicious code, security researchers said. The vulnerability, tracked as CVE-2024-11972, is found in Hunk Companion, a plugin that runs …

Russia takes unusual route to hack Starlink-connected devices in Ukraine

Source

Russian nation-state hackers have followed an unusual path to gather intel in the country's ongoing invasion of Ukraine—appropriating the infrastructure of fellow threat actors and using it to infect electronic devices its adversary’s military personnel are using on the front line. On at least two occasions this …

« newer articles | page 9 | older articles »