#wordpress-security
#wordpress-security

[ follow ]

How To Protect Media Files Uploaded to WordPress - Speckyboy

The WordPress Media Library has useful features but poses security risks for sensitive files.

fromThe Hacker News

2 months ago

Information security

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

Privacy technologies

fromSpeckyboy Design Magazine

1 day ago

How To Protect Media Files Uploaded to WordPress - Speckyboy

The WordPress Media Library has useful features but poses security risks for sensitive files.

fromThe Hacker News

2 months ago

Information security

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

Guardarian Users Targeted With Malicious Strapi NPM Packages

A supply chain attack targeting the Strapi ecosystem involved 36 malicious NPM packages delivering various harmful payloads.

North Korean Hackers Target High-Profile Node.js Maintainers

North Korean hackers are targeting Node.js maintainers using social engineering tactics similar to those used in previous campaigns.

Information security

fromFortune

3 days ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

Information security

fromwww.cybersecuritydive.com

5 days ago

Axios open-source library targeted in sophisticated supply chain attack

A North Korean threat actor compromised the axios library, introducing a malicious dependency that deploys a backdoor across multiple operating systems.

Information security

fromSecurityWeek

1 hour ago

North Korean Hackers Target High-Profile Node.js Maintainers

North Korean hackers are targeting Node.js maintainers using social engineering tactics similar to those used in previous campaigns.

Information security

fromFortune

3 days ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

Information security

fromwww.cybersecuritydive.com

5 days ago

Axios open-source library targeted in sophisticated supply chain attack

A North Korean threat actor compromised the axios library, introducing a malicious dependency that deploys a backdoor across multiple operating systems.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

Information security

fromArs Technica

2 days ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

fromInfoWorld

3 days ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

Information security

fromArs Technica

2 days ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

more#openclaw

Privacy professionals

fromSilicon Canals

3 days ago

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Fortinet released emergency hotfixes for a critical vulnerability in FortiClient EMS that allows remote code execution without authentication.

Information security

fromThe Hacker News

1 day ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet released patches for a critical vulnerability in FortiClient EMS, allowing unauthenticated attackers to execute unauthorized commands.

Information security

fromSecurityWeek

6 days ago

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Information security

fromSecurityWeek

2 hours ago

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Fortinet released emergency hotfixes for a critical vulnerability in FortiClient EMS that allows remote code execution without authentication.

Information security

fromThe Hacker News

1 day ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet released patches for a critical vulnerability in FortiClient EMS, allowing unauthenticated attackers to execute unauthorized commands.

Information security

fromSecurityWeek

6 days ago

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Node JS

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

fromThe Hacker News

2 days ago

Information security

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

fromThe Hacker News

3 days ago

Information security

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

fromInfoQ

1 week ago

Node JS

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

Information security

fromTechCrunch

1 day ago

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

Mikko Hyppönen emphasizes the invisible nature of cybersecurity work, comparing it to Tetris where successes vanish and failures accumulate.

Information security

fromSecurityWeek

2 days ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.

Node JS

fromThe Hacker News

1 day ago

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

36 malicious npm packages disguised as Strapi CMS plugins facilitate exploitation and credential harvesting.

Information security

fromThe Hacker News

2 days ago

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

A targeted social engineering campaign by North Korean actors led to a supply chain compromise of the Axios npm package.

Information security

fromThe Hacker News

3 days ago

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

Node JS

fromInfoQ

1 week ago

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

Organizations are not prepared for the next cybersecurity crisis, similar to Log4Shell.

Information security

fromTechCrunch

1 day ago

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

Mikko Hyppönen emphasizes the invisible nature of cybersecurity work, comparing it to Tetris where successes vanish and failures accumulate.

Information security

fromSecurityWeek

2 days ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

Privacy professionals

fromSilicon Canals

3 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

Information security

fromTheregister

4 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

Privacy technologies

fromTechCrunch

3 days ago

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

Privacy professionals

fromSilicon Canals

3 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

Information security

fromTheregister

4 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack | TechCrunch

Drift has suspended withdrawals and deposits due to a significant security incident involving a potential theft of up to $285 million.

Information security

fromThe Hacker News

2 days ago

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors exploit HTTP cookies for PHP web shells on Linux servers, enabling remote code execution with stealthy control mechanisms.

Node JS

fromYcombinator

4 hours ago

Show HN: I rewrote my 2012 self-signed cert generator in Go - cert-depot.com | Hacker News

A new certificate generation tool was built in Go, eliminating external dependencies and improving security features.

#whatsapp

Privacy professionals

fromTechCrunch

4 days ago

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

Information security

fromTheregister

5 days ago

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

Privacy professionals

fromTechCrunch

4 days ago

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

Information security

fromTheregister

5 days ago

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

more#whatsapp

fromDevOps.com

4 hours ago

Is Your AI Agent Secure? The DevOps Case for Adversarial QA Testing - DevOps.com

The most dangerous assumption in quality engineering right now is that you can validate an autonomous testing agent the same way you validated a deterministic application. When your systems can reason, adapt, and make decisions on their own, that linear validation model collapses.

Information security

DevOps

fromInfoQ

1 week ago

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.

Privacy technologies

fromWIRED

6 days ago

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open

Dangerzone is a free tool that safely opens potentially harmful documents by converting them into secure image-based PDFs.

Axios npm Package Compromised in Supply Chain Attack

A significant supply chain attack on Axios introduced a Remote Access Trojan via hijacked maintainer accounts, affecting numerous developer environments.

Node JS

fromTheregister

6 days ago

Top npm package backdoored to drop dirty RAT on dev machines

A widely used npm library, axios, was compromised to deliver malware through a maintainer's hijacked account.

Node JS

fromBleepingComputer

5 days ago

Hackers compromise Axios npm package to drop cross-platform malware

Hackers compromised the Axios npm account to distribute remote access trojans across multiple operating systems.

Node JS

fromInfoQ

4 days ago

Axios npm Package Compromised in Supply Chain Attack

A significant supply chain attack on Axios introduced a Remote Access Trojan via hijacked maintainer accounts, affecting numerous developer environments.

Node JS

fromTheregister

6 days ago

Top npm package backdoored to drop dirty RAT on dev machines

A widely used npm library, axios, was compromised to deliver malware through a maintainer's hijacked account.

Node JS

fromBleepingComputer

5 days ago

Hackers compromise Axios npm package to drop cross-platform malware

Hackers compromised the Axios npm account to distribute remote access trojans across multiple operating systems.

Brilliant backups landed web developer in big trouble

A website migration oversight caused a two-year disconnect where office staff viewed outdated content due to hardcoded DNS settings, while the client only discovered the issue when accessing the site from the office.

Information security

fromnews.bitcoin.com

8 hours ago

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Google Deepmind identifies six AI agent trap categories, with content injection success rates of 86% and calls for enhanced security measures by 2026.

#axios

fromSecurityWeek

5 days ago

Node JS

Axios NPM Package Breached in North Korean Supply Chain Attack

Information security

fromBleepingComputer

1 day ago

Axios npm hack used fake Teams error fix to hijack maintainer account

A social engineering attack linked to North Korean hackers compromised Axios maintainers, leading to a supply chain attack with malicious npm package versions.

fromThe Hacker News

6 days ago

Node JS

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

fromSiliconANGLE

5 days ago

Information security

Hackers compromise popular Axios Javascript library with hidden malware - SiliconANGLE

Node JS

fromSecurityWeek

5 days ago

Axios NPM Package Breached in North Korean Supply Chain Attack

Malicious Axios NPM library versions were distributed in a supply chain attack by North Korean hackers, affecting millions of users.

Information security

fromBleepingComputer

1 day ago

Axios npm hack used fake Teams error fix to hijack maintainer account

A social engineering attack linked to North Korean hackers compromised Axios maintainers, leading to a supply chain attack with malicious npm package versions.

Node JS

fromThe Hacker News

6 days ago

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios experienced a supply chain attack due to malicious dependencies in two npm package versions.

Information security

fromSiliconANGLE

5 days ago

Hackers compromise popular Axios Javascript library with hidden malware - SiliconANGLE

Axios HTTP client library was hacked to distribute malware via a compromised npm account, affecting multiple operating systems.

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won't Patch

A researcher discovered a fourth method to bypass WhatsApp's View Once feature using a modified client, which Meta will not patch because it falls outside their security model.

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist PHP packages disguised as Laravel utilities distribute a cross-platform remote access trojan enabling full system compromise on Windows, macOS, and Linux.

Information security

fromSecurityWeek

4 days ago

Mercor Hit by LiteLLM Supply Chain Attack

Mercor was impacted by a supply chain attack involving LiteLLM, resulting in the theft of 4 terabytes of data.

Information security

fromTheregister

4 days ago

Mercor says it was 'one of thousands' hit in LiteLLM attack

Mercor confirmed it was affected by the LiteLLM supply-chain attack, with significant data theft by the Lapsus$ group.

Information security

fromInfoQ

6 days ago

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

A supply chain attack on LiteLLM led to over 40,000 downloads of a compromised package that harvested sensitive information.

Information security

fromSecurityWeek

3 weeks ago

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

The 2024 Polyfill.io supply chain attack affecting over 100,000 websites involved both Chinese and North Korean threat actors, with Funnull serving as a corporate front for the operation.

Web frameworks

fromThe Hacker News

1 month ago

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist PHP packages disguised as Laravel utilities distribute a cross-platform remote access trojan enabling full system compromise on Windows, macOS, and Linux.

Information security

fromSecurityWeek

4 days ago

Mercor Hit by LiteLLM Supply Chain Attack

Mercor was impacted by a supply chain attack involving LiteLLM, resulting in the theft of 4 terabytes of data.

Information security

fromTheregister

4 days ago

Mercor says it was 'one of thousands' hit in LiteLLM attack

Mercor confirmed it was affected by the LiteLLM supply-chain attack, with significant data theft by the Lapsus$ group.

Information security

fromInfoQ

6 days ago

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

A supply chain attack on LiteLLM led to over 40,000 downloads of a compromised package that harvested sensitive information.

Information security

fromSecurityWeek

3 weeks ago

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

The 2024 Polyfill.io supply chain attack affecting over 100,000 websites involved both Chinese and North Korean threat actors, with Funnull serving as a corporate front for the operation.

more#supply-chain-attack

Information security

fromThe Hacker News

3 days ago

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation exploits the React2Shell vulnerability to steal sensitive data from compromised hosts across multiple regions.

Information security

fromSecurityWeek

3 days ago

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical vulnerabilities in ShareFile could allow unauthenticated remote code execution through improper access to configuration pages.

Information security

fromSecurityWeek

3 days ago

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

Information security

fromThe Hacker News

3 days ago

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

fromSecurityWeek

4 days ago

Information security

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Information security

fromTechRepublic

3 days ago

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Information security

fromSecurityWeek

4 days ago

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google's Chrome 146 update addresses 21 vulnerabilities, including a zero-day exploit tracked as CVE-2026-5281.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

Information security

fromComputerworld

3 days ago

Jamf warns of massive app insecurities

Mac and iOS users face significant security threats, with many devices vulnerable to attacks and outdated systems.

Information security

fromInfoQ

3 days ago

Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response

A malicious release of the Trivy vulnerability scanner exposed critical weaknesses in software supply chain security, allowing for potential credential theft.

#malware

fromThe Hacker News

3 days ago

Information security

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Information security

fromTechRepublic

4 days ago

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

fromTheregister

3 days ago

Information security

Fake Claude Code source downloads actually delivered malware

Information security

fromThe Hacker News

4 days ago

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

fromSecurityWeek

4 days ago

Information security

New DeepLoad Malware Dropped in ClickFix Attacks

fromBleepingComputer

6 days ago

Information security

New RoadK1ll WebSocket implant used to pivot on breached networks

Information security

fromThe Hacker News

3 days ago

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Information security

fromTechRepublic

4 days ago

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Information security

fromTheregister

3 days ago

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Information security

fromThe Hacker News

4 days ago

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Operation REF1695 uses fake installers to deploy RATs and cryptocurrency miners, monetizing infections through CPA fraud since November 2023.

Information security

fromSecurityWeek

4 days ago

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.

Information security

fromBleepingComputer

6 days ago

New RoadK1ll WebSocket implant used to pivot on breached networks

RoadK1ll is a Node.js implant that enables attackers to pivot from a compromised host to other internal systems undetected.

Axios supply chain attack victim posts postmortem to prevent a repeat

Axios was compromised for three hours, distributing Remote Access Trojans due to a sophisticated social engineering attack by North Korean group UNC1069.

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.

Information security

fromSecurityWeek

3 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.

Information security

fromThe Hacker News

3 days ago

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.

Information security

fromSecurityWeek

3 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Anthropic's Claude Code source code was leaked, revealing operational details but not compromising sensitive data like model weights or customer information.

fromThe Hacker News

4 days ago

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation - Patch Released

"Use-after-free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page."

Information security

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

Information security

fromThe Hacker News

4 days ago

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Information security

fromTechzine Global

1 week ago

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

Information security

fromThe Hacker News

4 days ago

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

Information security

fromThe Hacker News

4 days ago

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Information security

fromTechzine Global

1 week ago

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.

CrewAI Vulnerabilities Expose Devices to Hacking

Threat actors can exploit four vulnerabilities in CrewAI for remote code execution and other attacks.

Information security

fromInfoQ

6 days ago

Cloudflare Adds Active API Vulnerability Scanning to Its Edge

Cloudflare's Web and API Vulnerability Scanner focuses on detecting Broken Object Level Authorization vulnerabilities in APIs.

Information security

fromSecurityWeek

5 days ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

Information security

fromThe Hacker News

5 days ago

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Anthropic confirmed a human error led to the accidental release of Claude Code's internal source code, but no sensitive data was exposed.

Information security

fromComputerWeekly.com

5 days ago

Banning routers won't fix what's already broken | Computer Weekly

The FCC's ban on foreign-made routers addresses future procurement, not current security risks, as routers are already vulnerable and widely deployed.

Information security

fromSecurityWeek

5 days ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Information security

fromSecurityWeek

6 days ago

StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs

A high-severity vulnerability in StrongSwan's EAP-TTLS AVP parser can be exploited remotely to crash VPN services.

Information security

fromSecurityWeek

5 days ago

Venom Stealer Raises Stakes With Continuous Credential Harvesting

Stolen credentials via infostealers like Venom Stealer are central to modern cybercrime.

Information security

fromTheregister

6 days ago

Citrix NetScaler bug may be multiple flaws in one

In-the-wild exploitation of a critical Citrix NetScaler bug has begun, with attackers actively targeting vulnerable systems within days of its disclosure.

Information security

fromSecurityWeek

1 week ago

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

macOS users are targeted by a ClickFix campaign delivering a Python-based information stealer through a fake Cloudflare verification page.

fromComputerworld

2 weeks ago

Chrome encryption bypass discovered: New malware steals passwords and cookies

The bypass requires neither privilege escalation nor code injection, making it a stealthier approach compared to alternative ABE bypass methods.

Information security

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

A critical security flaw in Magento's REST API allows unauthenticated attackers to upload malicious executables, risking code execution and account takeover.

Information security

fromSecurityWeek

2 weeks ago

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites were defaced in a campaign exploiting file upload vulnerabilities, affecting global brands and various organizations.

Information security

fromThe Hacker News

2 weeks ago

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

A critical security flaw in Magento's REST API allows unauthenticated attackers to upload malicious executables, risking code execution and account takeover.

Information security

fromSecurityWeek

2 weeks ago

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites were defaced in a campaign exploiting file upload vulnerabilities, affecting global brands and various organizations.

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

A critical vulnerability in the Ally WordPress plugin allows unauthenticated attackers to extract sensitive database data including password hashes from hundreds of thousands of affected websites.

fromSecurityWeek

3 weeks ago

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database via time-based blind SQL injection techniques.

Information security

fromTheregister

3 weeks ago

Crooks compromise WordPress sites, spread infostealers

Attackers compromised legitimate WordPress sites including a US Senate candidate's website to distribute infostealer malware through fake Cloudflare CAPTCHA pages that trick users into running malicious commands.

Information security

fromThe Hacker News

3 weeks ago

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Storm-2561 uses SEO poisoning to distribute fake VPN clients that steal credentials by redirecting users to malicious websites hosting digitally signed trojans.

Information security

fromSecurityWeek

3 weeks ago

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical vulnerabilities in n8n allowed unauthenticated remote code execution and sandbox escape, potentially exposing all stored credentials including AWS keys, passwords, OAuth tokens, and API keys.

Information security

fromThe Hacker News

4 weeks ago

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

Chinese threat actor CL-UNK-1068 conducted years-long cyber espionage campaign targeting high-value organizations across aviation, energy, government, law enforcement, pharmaceutical, technology, and telecommunications sectors in South, Southeast, and East Asia.

fromZDNET

1 month ago

Half of all cyberattacks start in your browser: 10 essential tips for staying safe

Web browsers are among the top targets for today's cybercriminals, playing a role in nearly half of all security incidents, new research reveals. According to Palo Alto Networks' 2026 Global Incident Response report, an analysis of 750 major cyber incidents recorded last year across 50 countries found that, in total, 48% of cybercrime events involved browser activity. Individuals trying to connect to the web, including business employees, are exposed to cyberthreats on a daily basis.

Information security

fromThe Cyber Express

2 months ago

All In One SEO Vulnerability Exposes AI Token On WordPress

A missing permission check in All In One SEO's REST API allowed Contributor-level users to retrieve a site's global AI access token.

[ Load more ]

#wordpress-security#wordpress-security

How To Protect Media Files Uploaded to WordPress - Speckyboy

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

How To Protect Media Files Uploaded to WordPress - Speckyboy

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

Guardarian Users Targeted With Malicious Strapi NPM Packages

North Korean Hackers Target High-Profile Node.js Maintainers

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

Axios open-source library targeted in sophisticated supply chain attack

North Korean Hackers Target High-Profile Node.js Maintainers

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

Axios open-source library targeted in sophisticated supply chain attack

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Understanding the risks of OpenClaw

OpenClaw gives users yet another reason to be freaked out about security

Understanding the risks of OpenClaw

OpenClaw gives users yet another reason to be freaked out about security

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

The company's biggest security hole lived in the breakroom

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

The company's biggest security hole lived in the breakroom

De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack | TechCrunch

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Show HN: I rewrote my 2012 self-signed cert generator in Go - cert-depot.com | Hacker News

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

Don't open that WhatsApp message, Microsoft warns

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

Don't open that WhatsApp message, Microsoft warns

Is Your AI Agent Secure? The DevOps Case for Adversarial QA Testing - DevOps.com

Panel: Security Against Modern Threats

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open

Axios npm Package Compromised in Supply Chain Attack

Top npm package backdoored to drop dirty RAT on dev machines

Hackers compromise Axios npm package to drop cross-platform malware

Axios npm Package Compromised in Supply Chain Attack

Top npm package backdoored to drop dirty RAT on dev machines

Hackers compromise Axios npm package to drop cross-platform malware

Brilliant backups landed web developer in big trouble

Deepmind's 'AI Agent Traps' Paper Maps How Hackers Could Weaponize AI Agents Against Users

Axios NPM Package Breached in North Korean Supply Chain Attack

Axios npm hack used fake Teams error fix to hijack maintainer account

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Hackers compromise popular Axios Javascript library with hidden malware - SiliconANGLE

Axios NPM Package Breached in North Korean Supply Chain Attack

Axios npm hack used fake Teams error fix to hijack maintainer account

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Hackers compromise popular Axios Javascript library with hidden malware - SiliconANGLE

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won't Patch

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Mercor Hit by LiteLLM Supply Chain Attack

Mercor says it was 'one of thousands' hit in LiteLLM attack

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Mercor Hit by LiteLLM Supply Chain Attack

Mercor says it was 'one of thousands' hit in LiteLLM attack

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

#wordpress-security
#wordpress-security