Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

It’s time to update your Drupal websites, once again.

For the second time within a month, Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to pull off advanced attacks including cookie theft, keylogg… Continue reading Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

Finland’s 3rd Largest Data Breach Exposes 130,000 Users’ Plaintext Passwords

Over 130,000 Finnish citizens have had their credentials compromised in what appears to be third largest data breach ever faced by the country, local media reports.

Finnish Communications Regulatory Authority (FICORA) is warning users of a large-scale… Continue reading Finland’s 3rd Largest Data Breach Exposes 130,000 Users’ Plaintext Passwords

Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now

Security researchers have discovered three vulnerabilities in the Spring Development Framework, one of which is a critical remote code execution flaw that could allow remote attackers to execute arbitrary code against applications built with it.

Sprin… Continue reading Remote Execution Flaw Threatens Apps Built Using Spring Framework — Patch Now

Thousands of Government Websites Hacked to Mine Cryptocurrencies

There was a time when hackers simply defaced websites to get attention, then they started hijacking them to spread banking trojan and ransomware, and now the trend has shifted towards injecting scripts into sites to mine cryptocurrencies.

Thousands of… Continue reading Thousands of Government Websites Hacked to Mine Cryptocurrencies

D-Link MEA Site Caught Running Cryptocurrency Mining Script—Or Was It Hacked?

Last month the popular torrent website The Pirate Bay caused some uproar by adding a Javascript-based cryptocurrency miner to its site with no opt-out option, utilizing visitors’ CPU power to mine Monero coins in an attempt to gain an extra source of r… Continue reading D-Link MEA Site Caught Running Cryptocurrency Mining Script—Or Was It Hacked?

Yahoo Hacked Once Again! Quietly Warns Affected Users About New Attack

Has Yahoo rebuilt your trust again?

If yes, then you need to think once again, as the company is warning its users of another hack.

Last year, Yahoo admitted two of the largest data breaches on record. One of which that took place in 2013 disclosed p… Continue reading Yahoo Hacked Once Again! Quietly Warns Affected Users About New Attack

Polish Banks Hacked using Malware Planted on their own Government Site

In what considered to be the largest system hack in the country’s history and a massive attack on the financial sector, several banks in Poland have been infected with malware.

What’s surprising? The source of the malware infection is their own financ… Continue reading Polish Banks Hacked using Malware Planted on their own Government Site

Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

Last week, WordPress patched three security flaws, but just yesterday the company disclosed about a nasty then-secret zero-day vulnerability that let remote unauthorized hackers modify the content of any post or page within a WordPress site.

The nasty… Continue reading Critical WordPress REST API Bug: Prevent Your Blog From Being Hacked!

Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

It’s more than two and half years since the discovery of the critical OpenSSL Heartbleed vulnerability, but the flaw is still alive as it appears that many organizations did not remediate properly to the serious security glitch.

It was one of the bigg… Continue reading Over 199,500 Websites Are Still Vulnerable to Heartbleed OpenSSL Bug

Donald Trump appoints a CyberSecurity Advisor Whose Own Site is Damn Vulnerable

Former New York City Mayor Rudolph W. Giuliani has been appointed as a cyber security advisor for the President-elect Donald Trump, but it appears that he never actually checked the security defenses of his own company’s website.

Giuliani is going to … Continue reading Donald Trump appoints a CyberSecurity Advisor Whose Own Site is Damn Vulnerable