A critical flaw in the WP Product Review Lite plugin installed on over 40,000 WordPress sites could potentially allow their take over. Attackers could exploit a critical vulnerability in the WP Product Review Lite WordPress plugin to inject malicious code and potentially take over vulnerable websites. The WP Product Review Lite plugin allows site owners to quickly create custom review […]
Microsoft has recently announced that it has made some of its COVID-19 threat intelligence open-source. While the number of Coronavirus-themed attacks continues to increase increased Microsoft announced it is open-sourcing its COVID-19 threat intelligence to help organizations to repeal these threats. “Microsoft processes trillions of signals each day across identities, endpoint, cloud, applications, and email, […]
Experts spotted a new malware dubbed QNodeService that was involved in Coronavirus-themed phishing campaign, crooks promise victims COVID-19 tax relief. Researchers uncovered a new malware dubbed QNodeService that was employed in a Coronavirus-themed phishing campaign. The operators behind the campaign use COVID-19 lure promising victims tax relief. The phishing messages use Trojan sample associated with […]
Chinese threat actors, tracked as Tropic Trooper and KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines. Chinese APT group Tropic Trooper, aka KeyBoy, has been targeting air-gapped military networks in Taiwan and the Philippines, Trend Micro researchers reported. The Tropic Trooper APT that has been active at least since 2011, it was first spotted in 2015 […]
Russia-linked cyberespionage group Turla targets diplomatic entities in Europe with a new piece of malware tracked as COMpfun. Security experts from Kaspersky Lab have uncovered a new cyberespionage campaign carried out by Russia-linked APT Turla that employs a new version of the COMpfun malware. The new malware allows attackers to control infected hosts using a […]
Threat actors are offering for sale tens of databases on a hacker forum that contains roughly 550 million stolen user records. Security experts from Cyble reported that a threat actor is attempting to sell twenty-nine databases on a hacker forum since May 7. Forum members could also buy each database individually. The archives allegedly contain a total […]
Norwayâs state investment fund, Norfund, suffered a business email compromise (BEC) attack, hackers stole $10 million. Hackers stole $10 million from Norwayâs state investment fund, Norfund, in a business email compromise (BEC) attack. Norfund is a private equity company established by the Norwegian Storting (parliament) in 1997 and owned by the Norwegian Ministry of Foreign […]
The popular zero-day broker Zerodium announced new limitations it the submission of certain types of iOS exploits due to surplus. The exploit broker Zerodium announced that itâs no longer accepting certain types of iOS exploits due to surplus, this implies that prices for them will drop in the near future. The company announced via Twitter that […]
US authorities warned healthcare and scientific researchers that China-linked hackers were attempting to steal COVID-19 vaccine research. US authorities warned healthcare and scientific researchers that China-linked hackers were attempting to steal research related to treatments and vaccines for COVID-19. “The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are issuing this […]
Experts found a critical bug in Google’s official WordPress plugin ‘Site Kit’ that could allow hackers to gain owner access to targeted sites’ Google Search Console. The Site Kit WordPress plugin makes it easy to set up and configure key Google products (i.e. Search Console, Analytics, Tag Manager, PageSpeed Insights, Optimize, and AdSense), giving users authoritative and […]