WordPress Plugin Flaw Let Attackers Hijack 1m Websites
The widely-used Elementor plugin, “Essential Addons for Elementor,” has been discovered to have a security flaw that enables unauthorized users to gain administrative control,...
Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance
May 12, 2023Ravie LakshmananNetwork Security / Malware
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained...
Millions of Android Phones Comes Pre-Infected with Malware
Researchers from Trend Micro at Black Hat Asia claim that criminals have pre-infected millions of Android devices with malicious firmware before the devices ever...
New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows
May 12, 2023Ravie LakshmananLinux / Malware
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the...
PoC Disclosed for Five Vulnerabilities to Exploit Netgear Routers
As the threats against the Internet of Things are on the rise, several types of research are going on to secure these devices.As part...
Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
May 12, 2023Ravie LakshmananVulnerability / Ransomware
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the...
Risks of Leaving USB Devices & Critical Enterprise Data Unmonitored
A USB device is a popular choice for storing data and information and, alas, a popular data theft target for hackers. In this article,...
Severe Security Flaw Exposes Over a Million WordPress Sites to Hijack
May 12, 2023Ravie LakshmananVulnerability / Website Security
A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could...
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
May 11, 2023Ravie Lakshmanan
GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from...
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
May 11, 2023Ravie LakshmananServer Security / Ransomware
Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in...