Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts
A zero-day flaw in a WordPress plugin known as BackupBuddy is being actively exploited, WordPress safety firm Wordfence has disclosed. BackupBuddy The BackupBuddy vulnerability impacts versions 8.5.8.0 through 8.7.4.1 and is under attack [...]
North Korean Lazarus hackers take aim at U.S. energy providers
The North Korean state-sponsored crime ring Lazarus Group is behind a new cyberespionage campaign with the goal to steal data and trade secrets from energy providers across the US, Canada [...]
Cisco Released Patches for Vulnerabilities Affecting Several Products
Cisco has released updates to address vulnerabilities affecting multiple products. The vulnerability, identified as CVE-2022-28199 (CVSS 8.6), is due to improper error handling in the network stack of DPDK, which enables a remote attacker to cause [...]
The North Face Warns of Major Credential Stuffing Campaign
Outdoor clothing giant The North Face has notified customers that their account may have been compromised, after noticing unusual activity on its website last month. It detected the credential stuffing attack on [...]
North Korean Hackers Deploying New MagicRAT Malware in Targeted Campaigns
The Lazarus Group, a well-known North Korean nation-state actor, has been connected to the MagicRAT remote access trojan. Lazarus Team, also known as APT38, Dark Seoul, Hidden Cobra, and Zinc, refers [...]
Get Social