Latest News
Stay up to date with the latest posts and updates
Alerts
-
Critical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets
Valve plugs an API bug found in its Steam platform that that abused the Smart2Pay system to add unlimited funds to gamer digital wallets.
4 min read
-
XSS Bug in SEOPress WordPress Plugin Allows Site Takeover
The bug would allow a number of malicious actions, up to and including full site takeover. The vulnerable plugin is installed on 100,000 websites.
4 min read
-
Vulnerability Summary for the Week of August 9, 2021
Original release date: August 16, 2021 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info alg_ds_project — alg_ds An issue was discovered…
4 min read
-
Exchange Servers Under Active Attack via ProxyShell Bugs
There’s an entirely new attack surface in Exchange, a researcher revealed at Black Hat, and threat actors are now exploiting servers vulnerable to the RCE bugs.
4 min read
-
WordPress Sites Abused in Aggah Spear-Phishing Campaign
The Pakistan-linked threat group’s campaign uses compromised WordPress sites to deliver the Warzone RAT to manufacturing companies in Taiwan and South Korea.
4 min read
-
Black Hat: Novel DNS Hack Spills Confidential Corp Data
Threatpost interviews Wiz CTO about a vulnerability recently patched by Amazon Route53’s DNS service and Google Cloud DNS.
4 min read
