Skip to content
software vulnerability Page 20

software vulnerability

WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks

WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks

Oct 04, 2024Ravie LakshmananWebsite Security / Vulnerability A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions.… 

Read More »WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks

Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks

Oct 03, 2024Ravie LakshmananMobile Security / Technology Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular… 

Read More »Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking

Oct 03, 2024Ravie LakshmananLinux / Malware Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl… 

Read More »New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks

Oct 03, 2024Ravie LakshmananCyber Espionage / Threat Intelligence Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign… 

Read More »North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa

INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa

Oct 03, 2024Ravie LakshmananCybercrime / Financial Fraud INTERPOL has announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender… 

Read More »INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa
LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort

LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort

Oct 03, 2024Ravie LakshmananCybercrime / Ransomware A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking… 

Read More »LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

Oct 03, 2024Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited… 

Read More »Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration

Oct 02, 2024Ravie LakshmananCyber Espionage / Cloud Security A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns… 

Read More »China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration