Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

A security flaw in the Ally WordPress plugin used on more than 400,000 sites could allow attackers to extract sensitive data without logging in. The post Security Flaw in... Read more »

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers in Global Crackdown

Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand, the... Read more »

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall... Read more »

Apple issues emergency fixes for Coruna flaws in older iOS versions

Apple released iOS 16.7.15 and 15.8.7 updates for older iPhones and iPads to patch vulnerabilities linked to the Coruna exploits. Apple has released security updates for legacy devices, rolling... Read more »

Meta Rolls Out New Scam Alerts Across Facebook, WhatsApp, and Messenger

Meta is rolling out new scam alerts across Facebook, WhatsApp, and Messenger as it ramps up AI-driven fraud detection and advertiser verification. The post Meta Rolls Out New Scam... Read more »

Iran-Linked Hacktivists Hit Stryker, Knocking Employees Offline Across Multiple Countries

A cyberattack disrupted global operations at medical device maker Stryker, knocking employees offline and raising concerns about destructive wiper attacks. The post Iran-Linked Hacktivists Hit Stryker, Knocking Employees Offline... Read more »

€1 million online fraud scheme uncovered, three suspects arrested

A criminal group suspected of running an online fraud scheme in Germany, which defrauded victims of around €1 million, has been dismantled through judicial cooperation coordinated by Eurojust. On... Read more »

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active... Read more »

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

An unauthenticated SQL injection flaw (CVE-2026-2413) in the Ally WordPress plugin, used on 400K+ sites, could allow attackers to steal sensitive data. An unauthenticated SQL injection flaw, tracked as... Read more »

Mimecast adds AI investigation and adaptive controls to manage human risk

Mimecast has announced major platform capabilities designed for a new enterprise reality as AI agents and automated workflows scale across the business and establish the human layer as the... Read more »
Subscribe to our Newsletter