CVE-2021-36839 (social_media_follow_buttons_bar)
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Follow Buttons Bar plugin <= 4.73 at WordPress. Read More
CVE-2021-36830 (comment_guestbook)
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Comment Guestbook plugin <= 0.8.0 at WordPress. Read More
Hackers Hide Malware in Windows Logo, Target Middle East Governments
The group continued to use the LookBack backdoor, but also several new types of malware Read More
Microsoft: Two New 0-Day Flaws in Exchange Server
Microsoft Corp. is investigating reports that attackers are exploiting two previously unknown vulnerabilities in Exchange Server, a technology many organizations rely on to send and...
Prison for ex-eBay staff who aggressively cyberstalked company’s critics with Craigslist sex party ads and funeral wreaths
Two men, who previously worked at eBay, have been sentenced to prison after admitting their role in a cyberstalking campaign that targeted the editor and...
Hackers Backdoor Pirated Windows OS With Cryptominer and Xtreme RAT
The behavior of the actors was reportedly identical to what was described by Minerva Labs in 2021 Read More
Enterprises embrace devsecops practices against supply chain attacks
For enterprise security professionals alarmed about the rising number of supply chain attacks, a report released this week by Google and supply chain security firm...
Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries
The advisory suggests Zinc has targeted media, defense and aerospace, and IT services Read More
Watchfinder warns customers that hackers stole their data
Luxury pre-owned watch website Watchfinder has warned its user base that their personal data has been accessed after an employee's account was broken into and...
Microsoft Confirms Two Exchange Zero-Day Vulnerabilities
The vulnerabilities were first discovered by Vietnamese cybersecurity firm GTSC Read More