Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws
Thrive Themes has recently patched vulnerabilities in its WordPress plugins and legacy Themes – but attackers are targeting those who haven’t yet applied security updates.
Attackers are actively exploiting...
Energy Giant Shell Is Latest Victim of Accellion Attacks
Attackers accessed personal and business data from the company’s legacy file-transfer service in a recent data-security incident but core IT systems remained untouched.
Energy giant Royal Dutch Shell is the...
MangaDex Site Offline Following Hacking Incident
A cyberattacker taunted the site about open security vulnerabilities, prompting a code review.
MangaDex, the online repository of manga animation comics, will be closed until further notice following a hacking...
Critical Security Bugs Fixed in Virtual Learning Software
Remote ed software bugs give attackers wide access student computers, data.
Netop, the company behind a popular software tool designed to let teachers remotely access student computers, has fixed four...
CISA Warns of Security Flaws in GE Power Management Devices
The flaws could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition.
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is...
Critical F5 BIG-IP Flaw Now Under Active Attack
Researchers are reporting mass scanning for – and in-the-wild exploitation of – a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure.
Attackers are exploiting a recently-patched, critical...
Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data
A glitch in Zoom’s screen-sharing feature shows parts of presenters’ screens that they did not intend to share – potentially leaking emails or passwords.
A security blip in the current...
Fiserv Forgets to Buy Domain It Used as System Default
Fintech security provider Fiserv acknowledges it used unregistered domain as default email.
Fiserv, a multi-billion-dollar cybersecurity tech provider for financial institutions, forgot to buy the domain used as a...
Cisco Plugs Security Hole in Small Business Routers
The Cisco security vulnerability exists in the RV132W ADSL2+ Wireless-N VPN Routers and RV134W VDSL2 Wireless-AC VPN Routers.
A popular line of small business routers made by Cisco Systems are...
Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix
Public proof-of-concept (PoC) exploits for ProxyLogon could be fanning a feeding frenzy of attacks even as patching makes progress.
As dangerous attacks accelerate against Microsoft Exchange Servers in the wake...
