Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

Are We on the Brink of Saying Goodbye to Passwords?

Explore the transition from passwords to a passwordless future: enhanced security, convenience, and cutting-edge innovations in biometrics and…

HackRead
Open in Source
#vulnerability#web#apple#google#microsoft#git#wordpress#auth#ssl
How Python Software Development Enhances Cyber Defense

Python has emerged as a powerful ally in combating rising cybersecurity threats and tracking cybercrime through tools leveraging…

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in versions

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets

The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.

Salt Typhoon Hits T-Mobile as Part of Telecom Attack Spree

The company says no sensitive data was stolen, but federal agencies claim otherwise. CISA and FBI sources said attackers accessed all records of specific customers and the private communications of targeted individuals.

WordPress Really Simple Security Authentication Bypass

WordPress Really Simple Security plugin versions prior to 9.1.2 proof of concept authentication bypass exploit.

Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover

A vulnerability found in the Really Simple Security plug-in allows an attacker to remotely gain access to any account on an affected website, including the administrator, when 2FA is enabled.

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site. The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a

WordPress Meetup 0.1 Authentication Bypass

WordPress Meetup plugin versions 0.1 and below suffer from an authentication bypass vulnerability.