Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials.
Vulnerabilities
Critical SAP ASE Flaws Allow Complete Control of Databases
Researchers warn of critical flaws in SAP’s Sybase Adaptive Server Enterprise software.
Two Critical Android Bugs Open Door to RCE
Google and Qualcomm both addressed significant vulnerabilities in their June updates.
Several Exim Vulnerabilities Exploited in Russia-Linked Attacks
Several vulnerabilities affecting the Exim mail transfer agent (MTA) have been exploited by Russia-linked hackers, and administrators have been urged to patch immediately, but hundreds of thousands of servers remain unpatched.
read more
Android’s June 2020 Patches Fix Critical RCE Vulnerabilities
Google has started rolling out the June 2020 security patches for the Android operating system, which address a total of 43 vulnerabilities, including several rated critical.
read more
Apple Jailbreak Zero-Day Gets a Patch
The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the “Uncover” jailbreak tool released last week.
"Sign in with Apple" Vulnerability
Researcher Bhavuk Jain discovered a vulnerability in the "Sign in with Apple" feature, and received a $100,000 bug bounty from Apple. Basically, forged tokens could gain access to pretty much any account. It is fixed. EDITED TO ADD (6/2): Another story….
TikTok Alternative Mitron App Has A Critical Vulnerability Allowing Account Takeovers
The latest social media craze Mitron app has a critical vulnerability. As discovered, the bug allows an adversary to takeover
TikTok Alternative Mitron App Has A Critical Vulnerability Allowing Account Takeovers on Latest Hacking News.
Critical Vulnerability Found In MapPress Maps WordPress Plugin
Heads up WordPress admins! Another WordPress plugin is found to have a serious vulnerability affecting thousands of websites. This time,
Critical Vulnerability Found In MapPress Maps WordPress Plugin on Latest Hacking News.
Cisco Reveals Security Breach Affecting Six Servers Due To SaltStack Bugs
Cisco has once again made it to the news. But this time, it isn’t because of bug fixes, rather a
Cisco Reveals Security Breach Affecting Six Servers Due To SaltStack Bugs on Latest Hacking News.