Malicious PhishWP Plugin Targets WordPress E-commerce Payment Data Through Fake Checkouts
A sophisticated WordPress plugin called PhishWP has emerged on Russian cybercrime forums, creating deceptive payment gateways to steal customer payment data through fake checkout pages. The malware includes advanced features like OTP functionality and real-time data transmission via Telegram, highlighting growing e-commerce security threats.
Critical Security Flaw in Popular WordPress Backup Plugin Threatens Millions of Sites
A severe vulnerability discovered in UpdraftPlus WordPress plugin puts over 3 million websites at risk of code execution attacks. The high-severity flaw affects all versions up to 1.24.11 and requires immediate updating to the patched version.
New Android Malware 'FireScam' Masquerades as Telegram Premium to Steal User Data
A sophisticated Android malware dubbed FireScam is targeting users by impersonating Telegram Premium through a fake Russian app store. The malware steals sensitive data, monitors device activity, and maintains persistent remote control while employing advanced evasion techniques.
Cryptocurrency Mining Malware Infiltrates Home Server Through Exposed Docker Container
A cybersecurity researcher's personal server was hijacked by Kinsing malware after briefly exposing a Docker database container online. The incident highlights critical security lessons for home server administrators and the growing sophistication of threats targeting personal networks.
Critical Windows Domain Controller Exploit Revealed: LDAPNightmare PoC Triggers System Crashes
A new proof-of-concept exploit called LDAPNightmare demonstrates how attackers can crash Windows domain controllers through LDAP vulnerability CVE-2024-49113. The exploit forces system reboots by crashing LSASS, with potential for remote code execution if systems remain unpatched.
New Guidelines Aim to Standardize Cyber Threat Actor Naming Conventions
Security experts have released comprehensive recommendations to address the chaos in naming malicious cyber threat actors, targeting issues like multiple aliases and ambiguous naming practices. The new RFC document provides practical guidelines for organizations to improve threat intelligence sharing and analysis.
Google Chrome Extension Vulnerability Exposes Millions to 2FA Bypass Attacks
A sophisticated phishing campaign targeting Chrome extensions has compromised two-factor authentication protection for millions of users since December 2023. The attacks, including a major breach at Cyberhaven, allow hackers to steal and reuse authentication cookies to bypass security measures.
Chrome Extension Breach: Cyberhaven Attack Exposes Millions to Cookie Theft Risk
A sophisticated phishing attack on Cyberhaven led to the compromise of their Chrome extension, potentially affecting 400,000 corporate customers during the 2023 holiday season. The incident highlights critical vulnerabilities in two-factor authentication systems and the need for enhanced security measures like passkeys.
Massive Chrome Extension Hack Compromises Data of 600,000+ Users
Sixteen popular Chrome browser extensions were compromised through sophisticated phishing attacks, potentially exposing sensitive data of over 600,000 users. The breach, discovered by Cyberhaven, specifically targeted Facebook business accounts and involved malicious code injection into legitimate extensions.
Critical Security Flaw Exposes Thousands of Four-Faith Routers to Remote Attacks
A high-severity vulnerability in Four-Faith routers allows attackers to execute system commands on over 15,000 exposed devices still using default credentials. Security researchers have observed active exploitation attempts in the wild, with no patches currently available from the manufacturer.