WordPress plugin vulnerability exposed millions of websites to attack
Severe security flaw found in a backup and restore WordPress plugin.
Cybercriminals hijack DNS to build stealth attack networks
Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and t...
Bitsight acquires Cybersixgill to help organizations manage cyber exposure
Bitsight announced it has signed a definitive agreement to acquire Cybersixgill, a global cyber threat intelligence (CTI) data provider. Together, Bitsight and Cybersixgill will provide visibility into an organization’s external attack surface,...
Decline in West African coastal fish stocks threatens food security and livelihoods
Small-scale fisheries play a vital role in providing food and livelihoods for millions of people around the world, particularly in low-income countries in Africa. However, there is limited statistical data on the composition, abundance, and distribut...
Trump’s Administration Will Attack Health Care from Multiple Angles
The new Trump administration is likely to reduce subsidies for Affordable Care Act insurance plans and roll back Medicaid coverage. Public health authorities worry that antivaccine activist Robert F. Kennedy, Jr., will be empowered...
Generative AI Could Generate Millions More Tons of E-Waste by 2030
Generative AI could saddle the planet with heaps more hazardous waste.
NIST is chipping away at NVD backlog
The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but has admitted that their initial estimate of when they would finish the job...
The reported Apple smart home camera will combine ultimate privacy with Apple Intelligence
Earlier this week Ming-Chi Kuo suggested that we’ll see an Apple smart home camera in 2026, with the company confident it will prove to be a popular accessory, selling in the tens of millions per year. Given Apple’s habit of minimizing the num...
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky researchers have revealed. About the vulnerability CVE-2024-43451 affects all s...
Self-organization of living matter into complex structures: How light pattern impacts aggregation of active filaments
When active filaments are exposed to localized illumination, they accumulate into stable structures along the boundaries of the illuminated area. Based on this fact, researchers at the Max Planck Institute for Dynamics and Self-Organization (MPI-DS)...
Immersive Labs AI Scenario Generator improves cyber skills against various attack types
Immersive Labs introduced AI Scenario Generator. This new capability enables organizations to generate threat scenarios for crisis simulations to ensure their workforces are ready for the latest threats. By inputting a few short prompts, customers ca...
The changing face of identity security
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find an attack that doesn’t feature them to some degree. Getting hold o...
The public implications of private substitutes for electric grid reliability
Climate change events have, in recent years, placed increasing strain on public electrical grids in the United States. In response to this vulnerability, some consumers are turning to private alternatives to the electric utility, like generators and...
Understanding causes of echo chambers: Political news selective exposure across countries
In our digital age, with easy access to a vast array of information, one would think that readers would naturally be exposed to a wide range of perspectives. However, the opposite seems to be happening, especially in countries like the United States...
Was "Snowball Earth" a global event? New study delivers best proof yet
Geologists have uncovered strong evidence from Colorado that massive glaciers covered Earth down to the equator hundreds of millions of years ago, transforming the planet into an icicle floating in space.
Setting a security standard: From vulnerability to exposure management
Vulnerability management has been the standard approach to fending off cyber threats for years. Still, it falls short by focusing on a limited number of vulnerabilities, often resolving only 1% to 20% of issues. In 2024, with the average data breach...
Strategies for CISOs navigating hybrid and multi-cloud security
In this Help Net Security interview, Alex Freedland, CEO at Mirantis, discusses the cloud security challenges that CISOs need to tackle as multi-cloud and hybrid environments become the norm. He points out the expanded attack surfaces, the importance...
Execs at Marvel Rivals developer NetEase arrested on allegations of corruption
Two NetEase Games executives and seven employees were reportedly arrested this week in an investigation potentially worth millions.
Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)
A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Thursday. About CVE-2024-...
Research shows disproportionate flood exposure for least polluting nations
A study published in Environmental Research Letters has exposed for the first time, how inhabitants of the smallest countries globally, contributing least to climate change, already bear the brunt of its devastating consequences and the burden is lik...
Security experts warn of new hacker strategy targeting Windows drivers
A new BYOVD attack ends with an infostealer and cryptominer inserted into your Windows PC. The threat campaign named SteelFox uses fake activators.