Tag Archives: exploits

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of malicious code, security researchers said. The vulnerability, tracked as CVE-2024-11972, is found in Hunk Companion, a plugin that runs on 10,000 sites that use the… Read More »

FortiGate admins report active exploitation 0-day. Vendor isn’t talking.

Citing the Reddit comment, Beaumont took to Mastodon to explain: “People are quite openly posting what is happening on Reddit now, threat actors are registering rogue FortiGates into FortiManager with hostnames like ‘localhost’ and using them to get RCE.” Beaumont wasn’t immediately available to elaborate. In the same thread, another user said that based on… Read More »

Thousands of Linux systems infected by stealthy malware since 2021

This Reddit comment posted to the CentOS subreddit is typical. An admin noticed that two servers were infected with a cryptocurrency hijacker with the names perfcc and perfctl. The admin wanted help investigating the cause. “I only became aware of the malware because my monitoring setup alerted me to 100% CPU utilization,” the admin wrote… Read More »

Unpatchable 0-day in surveillance cam is being exploited to install Mirai

reader comments 20 Malicious hackers are exploiting a critical vulnerability in a widely used security camera to spread Mirai, a family of malware that wrangles infected Internet of Things devices into large networks for use in attacks that take down websites and other Internet-connected devices. The attacks target the AVM1203, a surveillance device from Taiwan-based… Read More »

Hackers infect ISPs with malware that steals customers’ credentials

Getty Images reader comments 24 Malicious hackers likely working on behalf of the Chinese government have been exploiting a high-severity zero-day vulnerability that allowed them to infect at least four US-based ISPs with malware that steals credentials used by downstream customers, researchers said Tuesday. The vulnerability resides in the Versa Director, a virtualization platform that… Read More »

Windows 0-day was exploited by North Korea to install advanced rootkit

Getty Images reader comments 32 A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on behalf of the North Korean government so they could install custom malware that’s exceptionally stealthy and advanced, researchers reported Monday. The vulnerability, tracked as CVE-2024-38193, was one of six zero-days—meaning vulnerabilities known or actively exploited before… Read More »

Exim vulnerability affecting 1.5 million servers lets attackers attach malicious files

reader comments 3 More than 1.5 million email servers are vulnerable to attacks that can deliver executable attachments to user accounts, security researchers said. The servers run versions of the Exim mail transfer agent that are vulnerable to a critical vulnerability that came to light 10 days ago. Tracked as CVE-2024-39929 and carrying a severity… Read More »

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

reader comments 23 Researchers have warned of a critical vulnerability affecting the OpenSSH networking utility that can be exploited to give attackers complete control of Linux and Unix servers with no authentication required. The vulnerability, tracked as CVE-2024-6387, allows unauthenticated remote code execution with root system rights on Linux systems that are based on glibc,… Read More »

Critical MOVEit vulnerability puts huge swaths of the Internet at severe risk

reader comments 35 A critical vulnerability recently discovered in a widely used piece of software is putting huge swaths of the Internet at risk of devastating hacks, and attackers have already begun actively trying to exploit it in real-world attacks, researchers warn. The software, known as MOVEit and sold by Progress Software, allows enterprises to… Read More »

Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating

Getty Images reader comments 29 Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said. As of Thursday, Internet scans performed by security firm Censys had detected 1,000 servers infected by a ransomware strain known as TellYouThePass, down from 1,800 detected on… Read More »