Threat hunters have discovered a rogue WordPress plugin that’s capable of creating bogus administrator users and injecting malicious JavaScript code to steal...
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote...
A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the...
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could...
Cybersecurity researchers have discovered a case of “forced authentication” that could be exploited to leak a Windows user’s NT LAN Manager (NTLM)...
The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive...
Mobile network data might be one of our most recent and thorough dossiers. Our mobile phones are linked to these networks and...
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on...
Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code...
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote...
A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first...
A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to...
Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly...
Overview In the last chapter (Azure cloud security tutorial series – Chapter 2 [Virtual Network]) we saw on how to create VNet...
A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce’s email services, allowing threat actors to craft targeted...
Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive...
Following a buyer on a hackers’ forum offering stolen data for US$100,000 (S$134,898) in bitcoin on Saturday, it is believed that gaming...
A newly found Truebot Malware targets both US and Canada-based organizations to exfiltrate sensitive information by exploiting vulnerabilities in the Netwrix Auditor...
A critical security flaw has been disclosed in the WordPress “Abandoned Cart Lite for WooCommerce” plugin that’s installed on more than 30,000...
A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure of sensitive...
The ever-changing topography of cyberspace always results in the introduction of new security flaws and vulnerabilities. A major vulnerability, which is now...