Fake Browser Update Malware Targets WordPress Sites via Malicious Plugins
https://www.bleepingcomputer.com/news/security/over-6-000-wordpress-sites-hacked-to-install-plugins-pushing-infostealers WordPress website owners beware! A new wave of attacks is targeting your sites to install malicious plugins that display fake software updates and...
Mandiant Report: Exploited Vulnerabilities Reach Record Lows in Time to Patch, But Zero-Days on the Rise
https://cloud.google.com/blog/topics/threat-intelligence/time-to-exploit-trends-2023 A new report by cybersecurity firm Mandiant reveals a concerning trend: attackers are exploiting vulnerabilities faster than ever before, with zero-day attacks (exploits for unknown...Massive UN Data Leak Exposes Personal Information of Violence Against Women Victims
https://www.vpnmentor.com/news/report-unwomen-breach A security researcher uncovered a massive data leak from the UN Trust Fund to End Violence against Women, jeopardizing the privacy of victims and staff. The UN Trust Fund’s database was misconfigured and...AI Transcription Tool “Whisper” Creates Fabricated Text, Raising Concerns in Healthcare and Beyond
https://apnews.com/article/ai-artificial-intelligence-health-business-90020cdf5fa16c79ca2e5b6c4c9bbb14 Popular AI tool Whisper, lauded for its accuracy, has a major flaw: it invents entire sentences or phrases, raising concerns about its use in healthcare, closed...Cyber Skills Gap Widens, Nearly 90% of Businesses Link Breaches to Lack of Expertise
https://www.fortinet.com/content/dam/fortinet/assets/reports/2024-cybersecurity-skills-gap-report.pdf Fortinet’s latest Global Cybersecurity Skills Gap Report paints a concerning picture: the cybersecurity skills gap is widening, and businesses are increasingly...Half of Businesses Underestimate SaaS Security Risks, Culture Blamed
The State of SaaS Security Report 2024 A new report by AppOmni reveals a significant gap between perception and reality when it comes to SaaS security in enterprises. Key Findings: Nearly half (49%) of businesses underestimate the security risks associated with SaaS...Malicious npm Packages Target Developers’ Ethereum Wallets with SSH Backdoor
https://blog.phylum.io/trojanized-ethers-forks-on-npm-attempting-to-steal-ethereum-private-keys Security researchers at Phylum have uncovered a series of malicious packages targeting Ethereum developers on the npm registry, the world’s most popular software...Internet Archive Hit Again: Exposed Tokens Lead to Zendesk Email Breach
https://www.bleepingcomputer.com/news/security/internet-archive-breached-again-through-stolen-access-tokens The Internet Archive is facing renewed security woes after a threat actor exploited exposed GitLab authentication tokens to gain access to the...