Recent Security News
-
Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023
October 11, 2023 at 08:54AM Over 17,000 WordPress websites were hacked in September 2023, double the number from the previous month. Around 9,000 of these websites were infiltrated using a security flaw in the tagDiv Composer plugin, allowing for cross-site scripting attacks. The Balada Injector malware is responsible for these attacks, which aim to redirect…
-
U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability
October 11, 2023 at 08:54AM The US Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities catalog. The vulnerability, tracked as CVE-2023-21608, is a use-after-free bug that allows for remote code execution. Adobe released a patch for the flaw in January 2023, but details…
-
Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords
October 11, 2023 at 08:54AM Password reuse is a significant security risk for organizations, as it makes it easier for cybercriminals to access sensitive data and deploy ransomware. Many organizations lack a comprehensive system to prevent password reuse, relying on multi-factor authentication which can still be bypassed. Specops Password Policy offers a solution by enforcing…
-
Protect AI Releases 3 AI/ML Security Tools as Open Source
October 11, 2023 at 08:42AM Protect AI, the maker of Huntr, a bug bounty program for open source software, has licensed three of its AI/ML security tools under the permissive Apache 2.0 terms. The first tool, NB Defense, helps protect machine learning projects in Jupyter Notebooks. The second tool, ModelScan, scans ML models for attacks…
-
Chrome 118 Patches 20 Vulnerabilities
October 11, 2023 at 08:24AM Google has released Chrome 118 with fixes for 20 vulnerabilities, including a critical bug in Site Isolation that could allow sites to steal data. Google has yet to determine the bug bounty reward for this vulnerability. The release also addresses eight medium-severity flaws and five low-severity vulnerabilities. The latest version…