-
Hackers exploit WordPress plugin auth bypass hours after disclosure
In a concerning development for WordPress users, hackers have begun exploiting a critical vulnerability that allows unauthorized access to the OttoKit (formerly known as SureTriggers) plugin. This high-severity flaw was publicly disclosed, and exploitation activity was detected within mere hours,…
-
Six arrested for AI-powered investment scams that stole $20 million
Spain’s National Police have apprehended six individuals involved in a sophisticated cryptocurrency investment scam that exploited advanced artificial intelligence (AI) tools to create deepfake advertisements featuring well-known public figures. This fraudulent operation has reportedly defrauded a staggering total of 19…
-
Port of Seattle says ransomware breach impacts 90,000 people
The Port of Seattle, an agency responsible for managing Seattle’s seaport and airport, recently revealed a significant data breach affecting approximately 90,000 individuals. This incident stems from a ransomware attack orchestrated by the Rhysida group in August 2024, compromising sensitive…
-
Apple fined €150 million over App Tracking Transparency issues
France’s antitrust authority, the Autorité de la concurrence, has imposed a substantial fine of €150 million (approximately $162 million) on Apple for allegedly leveraging its App Tracking Transparency (ATT) framework to exploit its dominant position within the mobile app advertising…
-
Retail giant Sam’s Club investigates Clop ransomware breach claims
Sam’s Club, a prominent American warehouse supermarket chain under the ownership of Walmart, is currently scrutinizing potential claims of a ransomware breach linked to the Clop group. This development raises significant concerns about cybersecurity preparedness and response in large retail…
-
The 7 technology trends that could replace passwords
Many individuals and organizations have recognized the limitations of relying solely on passwords for their online security. A recent report by Specops, the Breached Password Report, revealed that, out of one billion stolen credentials, nearly 25% fulfilled standard complexity requirements,…
-
Microsoft Trust Signing service abused to code-sign malware
Cybercriminals are increasingly exploiting Microsoft’s Trusted Signing platform to sign malware executables using short-lived certificates that last for only three days. This tactic aligns with a long-standing trend in which threat actors seek code-signing certificates to lend legitimacy to their…
-
WordPress security plugin WP Ghost vulnerable to remote code execution bug
WP Ghost, a widely used security plugin for WordPress, is currently exposed to a severe vulnerability that poses significant risks to its users. This flaw allows unauthenticated attackers to execute code remotely, potentially compromising entire servers and their associated websites.…
-
March Windows updates mistakenly uninstall Copilot
Microsoft has issued a significant advisory regarding the unintended removal of its AI-powered Copilot digital assistant following the March 2025 cumulative updates for Windows 10 and Windows 11. This development underscores the importance of understanding cybersecurity implications associated with software…
Must-Read Posts
- Adidas warns of data breach after customer service provider hack
- AI Cuts vCISO Workload by 68% as Demand Skyrockets, New Report Finds
- AI in Cybersecurity: Revolutionizing Defense Against Emerging Threats
- Apiiro unveils free scanner to detect malicious code merges
- Apple fined €150 million over App Tracking Transparency issues
