Blog - Page 106 of 943

Plugins on WordPress.org backdoored in supply chain attack

A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites running them. […]

25 Jun

Polyfill.io JavaScript supply chain attack impacts over 100K sites

Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites. […]

25 Jun

New Medusa malware variants target Android users in seven countries

The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey. […]

25 Jun

Neiman Marcus confirms data breach after Snowflake account hack

Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company’s database stolen in recent Snowflake data theft attacks. […]

25 Jun

FBI warns of fake law firms targeting crypto scam victims

The FBI is warning of cybercriminals posing as law firms and lawyers that offer cryptocurrency recovery services to victims of investment scams and steal funds and personal information. […]

24 Jun

Chrome for Android tests feature that securely verifies your ID with sites

Google is testing a new feature called “Digital Credential API” for Chrome on Android that will allow websites to request identity information from mobile wallets using Android’s IdentityCredential system. […]

24 Jun

New attack uses MSC files and Windows XSS flaw to breach networks

A novel command execution technique dubbed ‘GrimResource’ uses specially crafted MSC (Microsoft Saved Console) and an unpatched Windows XSS flaw to perform code execution via the Microsoft Management Console. […]

24 Jun

Four FIN9 hackers indicted for cyberattacks causing $71M in losses

Four Vietnamese nationals linked to the international cybercrime group FIN9 have been indicted for their involvement in a series of computer intrusions that caused over $71 million in losses to companies in the U.S. […]

24 Jun

CoinStats says North Korean hackers breached 1,590 crypto wallets

CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors. […]

23 Jun

Microsoft Photos update brings requested features to Windows 11

Microsoft’s updated Photos app is now available for Windows 11 in the Windows Insider Program, bringing requested interface changes and better image quality. […]