Latest News: Cybersecurity

All-In-One Security (AIOS), a widely-used WordPress plugin with over 1 million installations, has issued a security update to fix a bug which caused users' passwords to be stored in plaintext on the WordPress site’s database. AIOS confirmed that the bug, introduced in version 5.1.9, has been

A reliable source has revealed that a Chinese group, recognized by Microsoft, recently launched a cyber attack on the email accounts of important American officials, such as the Commerce Secretary, Gina Raimondo. The consequences of this theft are still unfolding and are affecting a larger number

Cybersecurity researchers have uncovered a sophisticated cyberattack campaign in China, where hackers utilize a Microsoft-signed rootkit to target the gaming sector. The investigation by security firm Trend Micro revealed that the malicious actor responsible for this campaign is believed to be

Cybersecurity researchers have uncovered a new Charming Kitten campaign utilizing a newly identified malware named NokNok. The campaign, which commenced in May, demonstrates the group's adaptation to different infection chains and their growing focus on targeting macOS systems. Charming Kitten

Last week, cybersecurity experts at Pradeo made a disconcerting revelation: two spyware applications had managed to infiltrate Google Play. Disguised as innocent file management tools, these malicious apps have jeopardized the security of up to 1.5 million users. The experts promptly alerted Google

In a major breakthrough, Interpol announced the arrest of a suspected senior member believed to be the leader of the notorious cybercrime group known as OPERA1ER. The arrest resulted from a successful joint operation named Nervone, involving Interpol, AFRIPOL, Group-IB, and the Côte d’Ivoire’s

A tool named TeamsPhisher, developed and released by a U.S. Navy's Red team member, exploits an unaddressed security vulnerability within Microsoft Teams. This tool allows users to bypass restrictions on incoming files from external tenants, which are users outside the organization. By

The Uptycs Threat Research team has recently uncovered a formidable malware called Meduza Stealer, which poses a significant threat to Windows users and organizations worldwide. In a recently published report, Uptycs says, "The Meduza Stealer has a singular objective: comprehensive data theft.

A vulnerability identified as CVE-2023-3460 with a CVSS score of 9.8 has been discovered in all versions of the Ultimate Member plugin, including the most recent release (2.6.6), on June 29. This allowed the hackers to exploit a zero-day vulnerability, exposing WordPress websites to potential

In a significant blow to the cybercriminal underworld, U.S. federal authorities have seized the domain of BreachForums, the notorious hacking site that served as a hub for cybercriminals. The move comes three months after the arrest of Conor Brian Fitzpatrick, the site administrator known as