Internet Security

Security Affairs newsletter Round 426 by Pierluigi Paganini – International edition

July 2, 2023 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »

WordPress sites using the Ultimate Member plugin are under attack

July 2, 2023 add comment
Threat actors are exploiting a critical WordPress zero-day in the Ultimate Member plugin to create secret admin accounts. Hackers are actively exploiting a critical unpatched WordPress Plugin flaw, tracked... Read more »

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

July 1, 2023 add comment
The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company (TSMC)... Read more »

Avast released a free decryptor for the Windows version of the Akira ransomware

July 1, 2023 add comment
Avast released a free decryptor for the Akira ransomware that can allow victims to recover their data without paying the ransom. Cybersecurity firm Avast released a free decryptor for... Read more »

Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

June 30, 2023 add comment
Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming Kitten (aka APT35, Phosphorus, Newscaster, and Ajax Security Team)... Read more »

North Korea-linked Andariel APT used a new malware named EarlyRat last year

June 30, 2023 add comment
North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability... Read more »

miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug

June 30, 2023 add comment
A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. Wordfence researchers discovered an authentication bypass vulnerability in miniOrange’s... Read more »

The phone monitoring app LetMeSpy disclosed a data breach

June 29, 2023 add comment
Android app LetMeSpy disclosed a security breach, sensitive data associated with thousands of Android users were exposed. The phone monitoring app LetMeSpy disclosed a security breach, threat actors have stolen sensitive... Read more »

Previously undetected ThirdEye malware appears in the threat landscape

June 29, 2023 add comment
A new Windows information stealer dubbed ThirdEye appeared in the threat landscape, it has been active since April. Fortinet FortiGuard Labs discovered a previously undetected information stealer named ThirdEye. The malicious... Read more »

Former Group-IB manager has been arrested in Kazahstan

June 29, 2023 add comment
The former head of network security at Group-IB has been arrested in Kazakhstan based on a request from U.S. law enforcement. Nikita Kislitsin who worked as the head of... Read more »
Subscribe to our Newsletter