Unauthenticated RCE in WordPress Plugin Exposes 100K Sites
A critical vulnerability (CVE-2024-5932) in the GiveWP plugin exposes over 100,000 WordPress sites to remote code execution (RCE) attacks, as disclosed by researcher villu164 through the Wordfence Bug Bounty Program. [...]
MegaMedusa: A Powerful Web DDoS Tool Used by Hackers
RipperSec, a pro-Palestinian Malaysian hacktivist group that started on Telegram in June 2023, has quickly grown to over 2,000 members. They carry out cyberattacks like data breaches, defacements, and DDoS [...]
Urgent: Windows TCP/IP Vulnerability Discovered, Update Now
A critical vulnerability in the Windows TCP/IP stack enables unauthenticated remote code execution (RCE) through specially crafted IPv6 packets. This flaw affects all supported versions of Windows and Windows Server, [...]
Vulnerability in Microsoft Apps Let Hackers Spy on Mac Users
A critical vulnerability in Microsoft apps for macOS allowed hackers to surreptitiously spy on Mac users' activities. Security researchers from Cisco Talos revealed how attackers could exploit this flaw to [...]
New Styx Stealer Targets Users to Steal Login Passwords
A new threat called Styx Stealer has emerged, targeting users by stealing sensitive data like saved passwords, cookies, and autofill details from popular web browsers. Styx Stealer This malware targets [...]
FHN 
