websites
-
Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine
The Wordfence Threat Intelligence team identified a severe security flaw in the AI Engine plugin, a widely used tool installed…
Read More » -
Open Next SSRF Flaw in Cloudflare Lets Hackers Fetch Data from Any Host
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the @opennextjs/cloudflare package, posing a significant security threat to…
Read More » -
AMOS macOS Stealer Evades Security to Deploy Malicious Code
A newly uncovered campaign involving an Atomic macOS Stealer (AMOS) variant has emerged, showcasing the evolving sophistication of multi-platform social…
Read More » -
Threat Actors Leverage ClickFix Technique to Deploy EddieStealer Malware
Cybersecurity researchers have identified a sophisticated malware campaign utilizing deceptive CAPTCHA interfaces to distribute EddieStealer, a Rust-based information stealing malware…
Read More » -
Microsoft Reveals Techniques for Defending Against Evolving AiTM Attacks
Microsoft has exposed the escalating sophistication of phishing attacks, particularly focusing on Adversary-in-the-Middle (AiTM) techniques that are becoming a cornerstone…
Read More » -
Hackers Expose 184 Million User Passwords via Open Directory
A major cybersecurity incident has come to light after researcher Jeremiah Fowler discovered a publicly accessible database containing 184,162,718 unique…
Read More » -
Hackers Target Mobile Users Using PWA JavaScript to Bypass Browser Security
A sophisticated new injection campaign has been uncovered, targeting mobile users through malicious third-party JavaScript to deliver a Chinese adult-content…
Read More » -
DPRK IT Workers Impersonate Polish and US Nationals to Secure Full-Stack Developer Positions
A alarming cybersecurity report by Nisos has uncovered a sophisticated employment scam network potentially affiliated with the Democratic People’s Republic…
Read More »