Please turn on your JavaScript for this page to function normally.
hole
Security researchers sinkholed EITest infection chain

Security researchers have managed to neutralize “EITest,” one of the oldest infection chains and thus preventing as many as two million potential malicious …

danger
Thousands of WP, Joomla and SquareSpace sites serving malicious updates

Thousands of compromised WordPress, Joomla and SquareSpace-based sites are actively pushing malware disguised as Firefox, Chrome and Flash Player updates to visitors. This …

hand
The Wild West of drive-by cryptocurrency mining

As more and more Coinhive clones continue popping up, chances of users’ CPU power being hijacked for cryptocurrency mining are rising. According to Malwarebytes’ …

WordPress
WordPress site admins: Update immediately!

If you’re running your website on WordPress and you haven’t yet upgraded to version 4.8.3, you should do so without delay. The advice comes from the WordPress …

WordPress
EV ransomware is targeting WordPress sites

WordPress security outfit Wordfence has flagged several attempts by attackers to upload ransomware that provides them with the ability to encrypt a WordPress website’s files. …

hand
Telecoms don’t protect users from government overreach

The data stored on our mobile phones, laptops, and especially our online services can, when aggregated, paint a detailed picture of our lives—where we go, who we see, what we …

WordPress
WordPress announces bug bounty program

WordPress Foundation is the latest organization to publicly announce a bug bounty program set up on the HackerOne platform. What’s in scope of the WordPress bug bounty …

WordPress
WordPress admins, take note: RCE and password reset vulnerabilities revealed

Independent security researcher Dawid Golunski has released a proof-of-concept exploit code for an unauthenticated remote code execution vulnerability in WordPress 4.6 …

WordPress
20,000-bots-strong Sathurbot botnet grows by compromising WordPress sites

A 20,000-bots-strong botnet is probing WordPress sites, trying to compromise them and spread a backdoor downloader Trojan called Sathurbot as far and as wide as possible. …

WordPress
Fake SEO plugin backdoors WordPress installations

Administrators of WordPress sites, beware! A fake SEO plugin is being used by attackers to compromise WP installations. The plugin in question is named WP-Base-SEO, and is a …

password unlock
Organizations still vulnerable to brute force attacks

While increases in malware are clearly a major threat to both enterprises and service providers, network complexity is creating its own vulnerability, according to Ixia. The …

WordPress
Tens of thousands WordPress sites defaced, SEO spam to follow

Attackers are actively exploiting the recently patched unauthenticated privilege escalation vulnerability in WordPress’ REST API to deface websites. Sucuri, the company …

Don't miss

Cybersecurity news