Malware infiltrates Pidgin messenger’s official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it…
Versa fixes Director zero-day vulnerability exploited in attacks
Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an…
ASUS warns of critical remote authentication bypass on 7 routers
ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in…
Critical Forminator plugin flaw impacts over 300k WordPress sites
The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted…
GitHub comments abused to push malware via Microsoft repo URLs
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with…
New WogRAT malware abuses online notepad service to store malware
A new malware dubbed 'WogRAT' targets both Windows and Linux in attacks abusing an online notepad platform named 'aNotepad' as…
More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll
Both China-backed APTs and ordinary cyberattackers have seized on a pair of Ivanti VPN bugs for global exploitation.
Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug
CVE-2023-50164 is harder to exploit than the 2017 Struts bug behind the massive breach at Equifax, but don't underestimate the…
Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution,…
Kali Linux 2023.4 released with GNOME 45 and 15 new tools
Kali Linux 2023.4, the fourth and final version of 2023, is now available for download, with fifteen new tools and…