#Vulnerabilities

The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.

Defending against ransomware will take a move to zero-trust, argues Daniel Spicer, CSO, Ivanti.

The kid was busted after abusing Google Ads to lure users to his fake gift card site.

Out of 92 security vulnerabilities, 66 are rated critical in severity, mostly allowing code execution. The most severe can lead to information disclosure.

A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood.

Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks.

The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens.

Much is made of shared responsibility for cloud security. But Oliver Tavakoli, CTO at Vectra AI, notes there's no guarantee that Azure or AWS are delivering services in a hardened and secure manner.

Kaspersky researchers saw The North Korean state APT use a new variant of the BlindingCan RAT to breach a Latvian IT vendor and then a South Korean think tank.

New software and code stand at the core of everything we do, but how well is all of this new code tested? Luckily, autonomous application security is here.