General Security News
-
Severe Security Flaw Exposes Over a Million WordPress Sites to Hijack
A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited to...
-
New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020....
-
How Attack Surface Management Supports Continuous Threat Exposure Management
According to Forrester, External Attack Surface Management (EASM) emerged as a market category in 2021 and gained popularity in 2022. In a...
-
New Linux NetFilter Kernel Flaw Let Attackers Gain Root Privileges
A recently found Linux NetFilter kernel vulnerability, identified as CVE-2023-32233, enables unprivileged local users to gain root-level...
-
Microsoft Patch Tuesday, May 2023 – Fixes for 2 zero-days and 40 vulnerabilities
Microsoft released updates for two zero-day problems and 40 other newly discovered vulnerabilities in its products on Tuesday. CVE-2023-29336, one...
-
WhatsApp Can’t be Trusted, Warns Elon Musk
After a Twitter engineer posted photos of an Android dashboard showing his WhatsApp microphone being used while he slept, Elon Musk declared that...
-
Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack
A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin panel to break into...
-
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
Twitter is officially beginning to roll out support for encrypted direct messages (DMs) on the platform, more than six months after its chief...
-
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from inadvertently...
-
FBI Seized 13 Websites that Offered DDoS-for-hire Services
The FBI has been coordinating Operation PowerOFF since 2018, aiming to disrupt the DDoS-for-hire service infrastructures worldwide. As part of...
-
Nextgen Healthcare Hacked – Over 1 Million Customers’ Data Exposed
NextGen Healthcare, which has its headquarters in Atlanta, Georgia, is a company that develops and markets software for the management of...
-
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including one zero-day bug that it said is being actively...