May 29, 2025Ravie LakshmananVulnerability / Website Security Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI…
May 28, 2025Ravie LakshmananRansomware / Data Breach An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware. Sina Gholinejad (aka Sina Ghaaf),…
May 28, 2025Ravie LakshmananCybersecurity / Cyber Espionage The Czech Republic on Wednesday formally accused a threat actor associated with the People’s Republic of China (PRC) of targeting its Ministry of Foreign Affairs. In a public…
May 28, 2025Ravie LakshmananData Privacy / Vulnerability Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow websites to access a user’s entire cloud storage content, as…
May 28, 2025Ravie LakshmananIoT Security / Cryptocurrency Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks…
May 28, 2025The Hacker NewsIdentity Theft / Enterprise Security Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account…
May 28, 2025Ravie LakshmananCryptojacking / Vulnerability A financially motivated threat actor has been observed exploiting a recently disclosed remote code execution flaw affecting the Craft Content Management System (CMS) to deploy multiple payloads, including a…
May 28, 2025The Hacker NewsBrowser Security / Credential Theft Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But…
May 28, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed details of a coordinated cloud-based scanning activity that targeted 75 distinct “exposure points” earlier this month. The activity, observed by GreyNoise on May 8,…
May 28, 2025Ravie LakshmananMobile Security / Software Security Apple on Tuesday revealed that it prevented over $9 billion in fraudulent transactions in the last five years, including more than $2 billion in 2024 alone. The…