Recent Security News

  • Backdoor Lurks Behind WordPress Caching Plugin to Hijack Websites

    October 12, 2023 at 10:38AM Researchers have discovered a sophisticated malware hidden within an authentic-looking WordPress caching plugin. This malware can create admin accounts and remotely activate plugins, giving threat actors complete control over infected websites. The malware can be difficult to detect and has features like conditional content filtering and file modification capabilities. WordPress…

    Read More

  • Protect Critical Infrastructure With Same Rigor as Classified Networks

    October 12, 2023 at 10:38AM The private sector’s utility, telecom, banking, transportation, and medical networks are facing unprecedented threats from state actors, particularly from China. The Director of National Intelligence warns that China is capable of launching cyberattacks that could disrupt critical infrastructure services within the United States. To protect their networks, organizations should cultivate…

    Read More

  • ToddyCat hackers use ‘disposable’ malware to target Asian telecoms

    October 12, 2023 at 10:34AM A campaign known as “Stayin’ Alive” has been targeting government organizations and telecom service providers in Asia with disposable malware since 2021, according to cybersecurity firm Check Point. The attacks originate from the Chinese group ToddyCat and use spear-phishing emails to distribute malware loaders and backdoors. Check Point believes there…

    Read More

  • Hyped up curl vulnerability falls short of expectations

    October 12, 2023 at 10:34AM Curl 8.4.0 has been released to address a high-severity security vulnerability (CVE-2023-38546), which caused concerns about its impact. The release includes fixes for two vulnerabilities: a high-severity heap buffer overflow bug and a low-severity cookie injection flaw. The exploit for the heap buffer overflow bug requires specific configurations and timing,…

    Read More