WPGateway plugin, a premium WordPress plugin, has a zero-day vulnerability that is already being aggressively abused in the wild. This gives bad actors the capability to entirely take over vulnerable websites. According to WordPress security firm Wordfence, the vulnerability, identified…
Different SAML implementations make use of open-source initiatives. Researchers caution that a flaw in the Apache project Xalan-J used by numerous SAML implementations leads to arbitrary code execution. A markup language called XSLT (Extensible Stylesheet Language Transformations) may convert XML…
Threat actors can now avoid some of the most powerful phishing defences thanks to a new hacking approach. Criminal organizations are using a new technique for phishing attacks that might render threat actors undetectable, according to security researchers. The method…
According to Facebook, it takes a team of people to explain to you what information the firm has on you. Also where Facebook keeps it, just as it takes a village to raise a child. Two Facebook engineers were questioned…
Security researchers have connected the North Korean state-sponsored Lazarus hacking gang to a recent cyber espionage effort targeting energy suppliers in the United States, Canada, and Japan by using Log4j bug. The threat intelligence firm Cisco Talos reported on Thursday…
WeChat, a Chinese social media site, informed that it stores data on China servers of users who are located outside of China. WeChat users located outside of China received notifications that their personal information, such as likes, comments, browsing and…
A number of ransomware organizations utilize a fresh strategy sporadic encryption technique to speed up the encryption process. Also to decrease the chances of finding and stopping. sporadic encryption technique, known as intermittent encryption, encrypts only a portion of the…
Threat actors are now employing WeTransfer to spread the Lampion malware in bigger quantities as part of their phishing efforts. WeTransfer is a legitimate file-sharing site that is available for free, making it a cost-free technique to get around security…
Baxter’s internet-connected infusion pumps utilized in clinical settings by healthcare providers to administer medication to patients, have been found to contain a number of security flaws. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) stated in a joint advisory that…
IHTeam’s security experts have discovered a RCE bug in a plugin for the pfSense firewall system. Although the problematic pfBlockerNG plugin is not loaded by default, the issue was nonetheless fixed by a June software upgrade. According to IHTeam, the…
