Infinite Client and WP Time Capsule, two WordPress plugins, contain vulnerabilities that leave sites open to attack. The bug is a critical authorization complication that allows adversaries access to the backend of a site without a password. The attacker only needs the admin username for the WordPress plugins. Both of

New video footage appears to show missiles striking the Ukraine International Airlines Flight 752 on January 8. The plane crashed over the Iranian capital of Tehran, killing all 176 people on board. The crash caused international outrage after Tehran released a statement admitting to causing the crash after claiming that

A website gathering donations to support the victims of the horrific wildfires in Australia has been attacked by a credential skimming malware, placing thousands of donors at risk. The hack may have compromised donors’ payment information. The attack was carried out using Magecart malware injected into the ATMZOW skimmer on

American troops knew about the impending missile barrage hours before they hit. Ain al-Asad airbase in western Iraq went on lockdown several hours before the attack, which was carried out by Iranian forces. The attack, which lasted nearly two hours, caused no US casualties, however, several troops were treated for

The anonymous threat actors behind the Maze Ransomware attacks are being sued by a victim after an attack in early December left their information vulnerable. The victim, US company Southwire, claims that Maze accessed their network, stole and encrypted data, and later published the information after Southwire failed to pay

Researchers at Kaspersky, a cybersecurity company, have uncovered 65 malicious files disguised as copies of the Rise of Skywalker, the latest and final movie in the Star Wars trilogy, as well as over 30 phishing sites and media profiles posing as official movie accounts that distribute free copies of the

A new malware dropper, dubbed the Legion Loader, has emerged. Deep Instinct researchers discovered the malware, and have since been referring to it as a “hornet’s nest” of malware due to its ability to infect computers and install additional malware on them. Although this is common among droppers, which are

American convenience store chain Wawa disclosed that they had been attacked with malware installed on its payment processing systems after their security team discovered the malware last week. The malware was installed on Wawa servers on March 4 and was not discovered until December 10. Data collected includes payment card

One of the largest financial hubs in the world has shut down its networks earlier this week as a result of a malware attack involving the infamous financial malware Emotet. Frankfurt has become the fourth Germany entity to shut down its IT network due to an attack in the past

An advanced threat actor, nicknamed Gangnam Industrial Style, targeted hundreds of industrial companies across the globe, using a new version of an old info-stealer to extract sensitive data. The spear-phishing campaign comprises of malicious attachments disguised as PDF files, which drop Separ malware when clicked. Separe malware steals login data