NAME__________Custom Options Plus Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Custom Options Plus Plugin for WordPress 1.8.1Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Custom...
NAME__________Dassault Systemes 3DSwymer cross-site scriptingPlatforms Affected:Dassault Systemes 3DSwymer 3DEXPERIENCE R2023xRisk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Dassault Systemes 3DSwymer is vulnerable to cross-site scripting,...
A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed...
Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started...
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies,...
Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus,...
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in...
The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole...
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers...
A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers...
Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks...
Successors to the QakBot malware have emerged despite the disruption to QakBot infrastructure by an international law enforcement operation led...
The personally identifiable information (PII) of millions of online shoppers could be at risk as a result of significant security...
The chief operating officer (COO) of a US network security firm has pleaded guilty to compromising the IT systems of...
Security researchers have detected a Russian-language Word document carrying a malicious macro in the ongoing Konni campaign. Despite its September 2023...
Microsoft has launched another bug bounty program, this time with the goal of making its Microsoft Defender-branded products and services...
Europol has announced a new unit whose job it will be to find and analyze publicly available information indicating Russian...
The UK’s privacy regulator has warned website owners operating in the country that they face enforcement action if they don’t...
Microsoft has detected a notable increase in mobile banking Trojan campaigns directed at users in India, primarily through instant messaging...
The space sector is facing a growing threat from nation-state cyberattacks, making it critical for organizations to know who has...
Several government agencies and cybersecurity organizations have raised the alarm in response to multiple threat actor groups exploiting Citrix Bleed,...
A substantial 26% of cyber incidents in businesses over the last two years have been found to be the result...
A critical vulnerability in Apache ActiveMQ, identified as CVE-2023-46604, has been exposed, revealing an active exploitation scenario by the notorious...
Citrix Releases Security Updates for Citrix Hypervisor Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR....
