23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐๏ธ Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images ๐๏ธThreat actors are using the "muplugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. muplugins, short for mustuse plugins, refers to plugins in a special directory "wpcontentmuplugins" that are automatically executed by WordPress without the need to enable them explicitly via the.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images ๐๏ธThreat actors are using the "muplugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. muplugins, short for mustuse plugins, refers to plugins in a special directory "wpcontentmuplugins" that are automatically executed by WordPress without the need to enable them explicitly via the.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ โก Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More ๐๏ธEvery week, someone somewhere slips upand threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a tooconvenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversightsand the unexpected.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐จ Vulnerability affecting Next.js web development framework ๐จThe NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability CVE202529927 affecting the Next.js framework used to build web applications.
๐ Read more.
๐ Via "UK NCSC"
----------
๐๏ธ Seen on @cibsecurity
โ๏ธ How Each Pillar of the 1st Amendment is Under Attack โ๏ธIn an address to Congress this month, President Trump claimed he had "brought free speech back to America." But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of journalists, students, universities, government workers, lawyers and judges. This story explores a slew of recent actions by the Trump administration that threaten to undermine all five pillars of the First Amendment to the U.S. Constitution, which guarantees freedoms concerning speech, religion, the media, the right to assembly, and the right to petition the government and seek redress for wrongs.
๐ Read more.
๐ Via "Krebs on Security"
----------
๐๏ธ Seen on @cibsecurity
โ๏ธ How Each Pillar of the 1st Amendment is Under Attack โ๏ธIn an address to Congress this month, President Trump claimed he had "brought free speech back to America." But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of journalists, students, universities, government workers, lawyers and judges. This story explores a slew of recent actions by the Trump administration that threaten to undermine all five pillars of the First Amendment to the U.S. Constitution, which guarantees freedoms concerning speech, religion, the media, the right to assembly, and the right to petition the government and seek redress for wrongs.
๐ Read more.
๐ Via "Krebs on Security"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA ๐๏ธCybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids.ย The vulnerabilities have been collectively codenamed SUNDOWN by Forescout Vedere Labs. "The new vulnerabilities can be.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ข Qualys discovers three bypasses of Ubuntu's unprivileged user namespace restrictions ๐ขCombined with other vulnerabilities, the flaws could lead to full system access.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ข Security researchers hack BlackLock ransomware gang in push back against rising threat actor ๐ขBlackLock's reputation may not recover as analysts publish extensive details of its victims and associated accounts.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ Morphing Meerkat PhaaS Platform Spoofs 100+ Brands ๐A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity ๐๏ธLong gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable instant recovery to minimize downtime and data loss. This is.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ SecurityScorecard Observes Surge in Third-Party Breaches ๐In its 2025 Global ThirdParty Breach Report, SecurityScorecard has found that 35.5 of all cyber breaches in 2024 were thirdparty related, up from 29 in 2023.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ NCA Warns of Sadistic Online โComโ Networks ๐The UKs National Crime Agency is warning of a growing cyber and physical threat from homegrown teens.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ No MFA? Expect Hefty Fines, UKโs ICO Warns ๐The ICOs Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ CoffeeLoader Malware Loader Linked to SmokeLoader Operations ๐Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images ๐๏ธThreat actors are using the "muplugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. muplugins, short for mustuse plugins, refers to plugins in a special directory "wpcontentmuplugins" that are automatically executed by WordPress without the need to enable them explicitly via the.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers ๐New ClickFake Interview campaign attributed to the Lazarus Group targets crypto professionals with fake job offers.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ข Law enforcement needs to fight fire with fire on AI threats ๐ขUK law enforcement agencies have been urged to employ a more proactive approach to AIrelated cyber crime as threats posed by the technology accelerate.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images ๐๏ธThreat actors are using the "muplugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. muplugins, short for mustuse plugins, refers to plugins in a special directory "wpcontentmuplugins" that are automatically executed by WordPress without the need to enable them explicitly via the.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
โ๏ธ How Each Pillar of the 1st Amendment is Under Attack โ๏ธIn an address to Congress this month, President Trump claimed he had "brought free speech back to America." But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of journalists, students, universities, government workers, lawyers and judges. This story explores a slew of recent actions by the Trump administration that threaten to undermine all five pillars of the First Amendment to the U.S. Constitution, which guarantees freedoms concerning speech, religion, the media, the right to assembly, and the right to petition the government and seek redress for wrongs.
๐ Read more.
๐ Via "Krebs on Security"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine ๐๏ธEntities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. "The file names use Russian words related to the movement of troops in Ukraine as a lure," Cisco Talos researcher Guilherme Venere said in a report published last week. "The PowerShell downloader contacts geofenced servers located in Russia and Germany to.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection ๐๏ธCybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that's designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader.ย "The purpose of the malware is to download and execute secondstage payloads while evading.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
TsarBot: A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications ๐ฆ
Cyble TsarBot A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications " dataimagecaption"" datamediumfile"httpscyble.comwpcontentuploads202503TsarBot300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202503TsarBot.jpg" title"TsarBot A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications 1" Key Takeaways A new Android Banking Trojan, TsarBot, targets over 750 applications globally, including banking, finance, cryptocurrency, and ecommerce apps. TsarBot spreads via phishing sites masquerading as legitimate financial platforms and is installed through a dropper disguised as Google Play Services. It uses overlay attacks to steal banking credentials, credit card details, and login credentials ...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐ Trump CISA Cuts Threaten US Election Integrity, Experts Warn ๐Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyberattacks on US election infrastructure.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ข Developers spend 17 hours a week on security โ but don't consider it a top priority ๐ขMore work on DevSecOps has been identified as a top priority for developer teams.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
Hacktivists Increasingly Target France for Its Diplomatic Efforts ๐ฆ
Cyble Hacktivists Increasingly Target France for Its Diplomatic Efforts " dataimagecaption"Cyble Hacktivists Increasingly Target France for Its Diplomatic Efforts " datamediumfile"httpscyble.comwpcontentuploads202503CybleBlogsHacktivistsFrance300x150.jpg" datalargefile"httpscyble.comwpcontentuploads202503CybleBlogsHacktivistsFrance1024x512.jpg" title"Hacktivists Increasingly Target France for Its Diplomatic Efforts 1" According to a Cyble report sent to clients recently, France is increasingly becoming a target of hacktivists for its active role in international diplomacy and in ongoing conflicts inย Ukraineย and the Middle East. Frances role in those conflicts has drawn the ire of proRussian and proPalestinian hacktivist groups, Cyble said, as those hacktivists have found ideological ...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐ NCSC Urges Domain Registrars to Improve Security ๐The UKs National Cyber Security Centre has released new guidance to help domain registrars enhance security.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US ๐Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ PJobRAT Malware Targets Users in Taiwan via Fake Apps ๐PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems ๐๏ธA critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprisefocused software that's used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to backup, restore, and clone data resources. The vulnerability, tracked as.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity