WooCommerce, a popular plug-in for running WordPress-based online stores, contains a critical vulnerability that could allow attackers to take over websites. Technical details about the vulnerability have not been published yet, but the WooCommerce team released updates and attackers could reverse-engineer the patch.
“Although what we know at this time is limited, what we do know is that the vulnerability allows for unauthenticated administrative takeover of websites,” researchers from web security firm Sucuri said in a blog post. “Website administrators using this plugin are advised to issue the patch as soon as possible and check for any suspicious activity within their WordPress websites such as any administrative actions performed from unrecognized IP addresses.”
To read this article in full, please click here
Friday Squid Blogging: Light-Emitting Squid
It’s a Taningia danae: Their arms are lined with two rows of sharp retractable hooks. And, like most deep-sea squid,...
University of Manchester Suffers Suspected Data Breach During Cyber Incident
The University is working with authorities to resolve the incident and understand what data has been accessed Read More
Barracuda: Immediately rip out and replace our security hardware
Barracuda Networks is taking the unusual step of telling its customers to physically remove and decommission its hardware. Read More
Google launches Secure AI Framework to help secure AI technology
Google has announced the launch of the Secure AI Framework (SAIF), a conceptual framework for securing AI systems. Google, owner...
Barracuda Urges Swift Replacement of Vulnerable ESG Appliances
Investigating the ESG bug, Rapid7 assumed the presence of persistent malware hindering device wipes Read More
Operation Triangulation: Zero-Click iPhone Malware
Kaspersky is reporting a zero-click iOS exploit in the wild: Mobile device backups contain a partial copy of the filesystem,...