Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress. The flaw, described as a case of broken access control, impacts versions 3.11.6 and earlier. It was addressed by the plugin maintainers in version 3.11.7 released on March 22. “Improved code security enforcement in WooCommerce […]
Cyber News, Cyber Threat Trends
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 (CVSS score: 9.8) and CVE-2021-35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said in a report published this week. CVE-2022-46169 relates to a critical
Cyber News, Cyber Threat Trends
Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several “high-impact” applications to unauthorized access. “One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch high-impact XSS attacks on Bing […]
Cyber News, Cyber Threat Trends
Another DNS record you can add to improve email security Continue reading on Cloud Security »
Cyber News, Cyber Threat TrendsLaunching CSPM, container workload security, and cloud vulnerability management to modernize cloud security operations.
Cyber News, Cyber Threat TrendsICO issues call after reprimanding NHS Highland
Cyber News, Cyber Threat Trends
Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS. The company said it’s engaging the services of Google-owned Mandiant to review the incident. In the
Cyber News, Cyber Threat TrendsICO issues call after reprimanding NHS Highland
Cyber News, Cyber Threat TrendsICO issues call after reprimanding NHS Highland
Cyber News, Cyber Threat Trends