Saturday, May 21, 2022
Home Quick Bytes

Quick Bytes

Critical Flaw in Premium WordPress Themes Permits Site Takeover (1)

Critical Flaw in Premium WordPress Themes Permits Site Takeover

Researchers discovered a significant privilege escalation problem in two themes used by over 90,000 WordPress sites that might allow threat actors to take entire...
Phishers Add Chatbot to the Phishing Lure (1)

Phishers Add Chatbot to the Phishing Lure

Trustwave SpiderLabs researchers have recently discovered phishers are using a new technique to improve victim participation and confidence: adding an interactive chatbot. The phishers use...
Researchers Discover Supply Chain Attack Targeting GitLab CI Pipelines (1)

Researchers Discover Supply Chain Attack Targeting GitLab CI Pipelines

SentinelLabs security researchers have discovered a software chain supply attack intended at Rust developers, including malware designed to compromise GitLab Continuous Integration (CI) pipelines. CrateDepression...
VMware Bugs Exploited to Deliver Mirai Malware_ Exploit Log4Shell

VMware Bugs Exploited to Deliver Mirai Malware, Exploit Log4Shell

Researchers claim that a GitHub proof-of-concept exploit of previously disclosed VMware vulnerability is being deployed in the field by hackers. Hackers are exploiting recently discovered...
Over 380_000 Kubernetes API Servers Exposed to Internet

Over 380,000 Kubernetes API Servers Exposed to Internet

The Shadowserver Foundation began searching the internet for Kubernetes API servers and discovered over 380,000 that provide some level of access. The foundation monitors the...
NVIDIA Fixes Graphics Driver Code Execution Vulnerabilities

NVIDIA Fixes Graphics Driver Code Execution Vulnerabilities

NVIDIA has released graphics driver updates to fix various vulnerabilities, including four CVEs with a "high severity" rating. CVE202228181 and CVE202228182 (CVSS score of...
Sysrv-K Botnet Attacks Windows and Linux Users

Sysrv-K Botnet Attacks Windows and Linux Users

According to Microsoft researchers, a botnet that is exploiting flaws in the Spring Framework and WordPress plugins, is being tracked. Cybercriminals behind the Sysrv botnet...
New Special Interest Group Seeks to Boost ICS OT Cyber Defenses

New Special Interest Group Seeks to Boost ICS/OT Cyber Defenses

MITRE has announced the formation of a new special interest group (SIG) tasked with improving cyber defenses for Industrial Control Systems (ICS) and Operational...
Pathlock Announces Multiple Mergers _amp; Acquisitions and 200 Million USD in Funding

Pathlock Announces Multiple Mergers & Acquisitions and 200 Million USD in...

Pathlock, a provider of access orchestration solutions, has announced various mergers and acquisitions, as well as a 200 million USD funding round. Data governance, identity...
Sysrv Botnet Attacking Recent Spring Cloud Gateway Vulnerability

‘Sysrv’ Botnet Attacking Recent Spring Cloud Gateway Vulnerability

Microsoft advises that a new variation of the Sysrv botnet has added a new Spring Cloud Gateway vulnerability to its exploit library. The Sysrv botnet...

Latest posts