Skip to content
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

Apr 26, 2024NewsroomThreat Intelligence / Cyber Attack Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries… 

DOJ Arrests Founders of Crypto Mixer Samourai for  Billion in Illegal Transactions

DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions

Apr 25, 2024NewsroomCryptocurrency / Cybercrime The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion… 

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

Apr 25, 2024NewsroomTechnology / Privacy Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its… 

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

Apr 25, 2024NewsroomVulnerability / Zero-Day A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity… 

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

Apr 24, 2024NewsroomCyber Attack / Cyber Espionage The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of… 

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

Apr 24, 2024NewsroomMalware / Endpoint Security Cybersecurity researchers have discovered an ongoing attack campaign that’s leveraging phishing emails to deliver malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt… 

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

Apr 24, 2024NewsroomEncryption / Mobile Security Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users’ keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in… 

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm…