Internet Security

miniOrange’s WordPress Social Login and Register plugin was affected by a critical auth bypass bug

June 30, 2023 add comment
A critical authentication bypass flaw in miniOrange’s WordPress Social Login and Register plugin, can allow gaining access to any account on a site. Wordfence researchers discovered an authentication bypass vulnerability in miniOrange’s... Read more »

The phone monitoring app LetMeSpy disclosed a data breach

June 29, 2023 add comment
Android app LetMeSpy disclosed a security breach, sensitive data associated with thousands of Android users were exposed. The phone monitoring app LetMeSpy disclosed a security breach, threat actors have stolen sensitive... Read more »

Previously undetected ThirdEye malware appears in the threat landscape

June 29, 2023 add comment
A new Windows information stealer dubbed ThirdEye appeared in the threat landscape, it has been active since April. Fortinet FortiGuard Labs discovered a previously undetected information stealer named ThirdEye. The malicious... Read more »

Former Group-IB manager has been arrested in Kazahstan

June 29, 2023 add comment
The former head of network security at Group-IB has been arrested in Kazakhstan based on a request from U.S. law enforcement. Nikita Kislitsin who worked as the head of... Read more »

Experts published PoC exploits for Arcserve UDP authentication bypass issue

June 29, 2023 add comment
Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass authentication flaw, tracked as... Read more »

Using Electromagnetic Fault Injection Attacks to take over drones

June 28, 2023 add comment
Electromagnetic fault injection (EMFI) attacks on drones can potentially allow attackers to achieve arbitrary code execution and take over them. While the use of drones continues to grow, researchers... Read more »

Experts warn of a spike in May and June of 8Base ransomware attacks

June 28, 2023 add comment
Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the... Read more »

Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

June 28, 2023 add comment
SQL injection vulnerabilities in Gentoo Soko could lead to remote code execution (RCE) on impacted systems. SonarSource researchers discovered two SQL injection vulnerabilities in Gentoo Soko, collectively tracked as... Read more »

EncroChat dismantling led to 6,558 arrests and the seizure of $979M in criminal funds

June 28, 2023 add comment
Europol announced that the takedown of the EncroChat encrypted chat network has led to the arrest of 6,558 people and the seizure of $979 million in illicit funds. Europol... Read more »

Mockingjay process injection technique allows EDR bypass

June 27, 2023 add comment
Mockingjay is a new process injection technique that can be exploited to bypass security solutions to execute malware on compromised systems. A new process injection technique dubbed Mockingjay can... Read more »
Subscribe to our Newsletter