Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators,…
CISA shares free tools to help secure data in the cloud
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared a factsheet providing details on free tools and guidance for…
Critical ColdFusion flaws exploited in attacks to drop webshells
Hackers are actively exploiting two ColdFusion vulnerabilities to bypass authentication and remotely execute commands to install webshells on vulnerable servers.…
Meet NoEscape: Avaddon ransomware gang’s likely successor
The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and…
Biden administration announces $39 billion in student debt relief following administrative fixes
The Biden administration announced Friday that 804,000 borrowers will have their student debt wiped away, totaling $39 billion worth of…
Rockwell warns of new APT RCE exploit targeting critical infrastructure
Rockwell Automation says a new remote code execution (RCE) exploit linked to an unnamed Advanced Persistent Threat (APT) group could…
WordPress AIOS plugin used by 1M sites logged plaintext passwords
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext…
BreachForums owner Pompompurin pleads guilty to hacking charges
20-year-old Conor Brian Fitzpatrick aka Pompompurin, the owner of the notorious BreachForums (aka Breached) hacking forum, has pleaded guilty to charges of…
Gavin Newsom threatens ‘radicalized zealots’ on local school board who rejected books teaching about gay activist Harvey Milk
California Gov. Gavin Newsom promised to use the power of the state to overturn a decision by a local school…
Cisco SD-WAN vManage impacted by unauthenticated REST API access
The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read…