Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites
An CRSF-to-stored-XSS security bug plagues 50,000 ‘Contact Form 7’ Style users.
A security bug in Touch Form 7 Style, a WordPress plugin installed on over...
Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new...
Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor
The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish...
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
Google has announced that it's adding a new layer of protection to its Chrome browser through what's called app-bound encryption to prevent information-stealing malware...
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery
Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet.That's according to findings from...
Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions
Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances...
New Chrome Zero-Day Under Active Attacks – Update Your Browser
Google has fixed a second effectively abused zero-day defect in the Chrome program in about fourteen days, alongside tending to nine other security weaknesses...
The Future of Network Security: Automated Internal and External Pentesting
In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls...
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its...
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia."Over the past two months,...