Grafana fixes zero-day vulnerability after exploits spread over Twitter
Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled…
Attackers deploy Linux backdoor on e-stores compromised with software skimmer
Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer […] The…
Hackers deploy Linux malware, web skimmer on e-commerce servers
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card…
WordPress sites are being hacked in fake ransomware attacks
A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption…
WordPress plugin bug impacts 1M sites, allows malicious redirects
The OptinMonster plugin is affected by a high-severity flaw that allows unauthorized API access and sensitive information disclosure on roughly…
Brutal WordPress plugin bug allows subscribers to wipe sites
A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset…
Moodle Authenticated Spelling Binary Remote Code Execution
Authored by Brandon Perry | Site metasploit.com Moodle allows an authenticated user to define spellcheck settings via the web interface.…
Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution
Authored by h00die, lanz, HoangKien1020 | Site metasploit.com Moodle versions 3.9, 3.8 to 3.8.3, 3.7 to 3.7.6, 3.5 to 3.5.12,…
Online-Food-Ordering-Web-App SQL Injection
Authored by Jason Colyvas | Site github.com Online-Food-Ordering-Web-App suffers from a remote SQL injection vulnerability that allows for authentication bypass.…
Tapatalk Plugins PHP Object Injection
Authored by dH team dH team discovered a PHP object injection vulnerability in all Tapatalk plugins that can allow attackers…