The Federal Bureau of Investigation (FBI), Department of Defense Cyber Crime Center (DC3), and Japan’s National Police Agency (NPA) have issued a joint press release detailing a major cryptocurrency theft....
Matt Mullenweg, WordPress co-founder and Automattic CEO, has pulled the plug on several key services for free WordPress.org users. New account registrations, plugin/theme submissions, and even photo uploads have been...
Security researcher Alex Birnberg with SSD Secure Disclosure published the technical details and a proof-of-concept (PoC) exploit code for CVE-2024-30085 – a Windows Cloud Files Mini Filter Driver Elevation of...
The popular web-based system administration tool, Webmin, has been found to harbor a critical security vulnerability (CVE-2024-12828) that could allow attackers to seize control of servers. With an estimated one...
A severe command injection vulnerability (CVE-2024-56334) has been identified in the widely used Node.js system information package, which has over 8 million monthly downloads and a staggering 330 million total...
CrushFTP, a popular file transfer server known for its robust features and user-friendly interface, has issued an urgent security advisory regarding a critical vulnerability that could lead to account takeover....
Adobe has released urgent security updates to address a critical vulnerability in ColdFusion versions 2023 and 2021. This vulnerability, identified as CVE-2024-53961, could allow attackers to read arbitrary files from...
Radware’s latest report unveils the emergence of the Holy League—a hacktivist formed in July 2024. This group is the result of a strategic merger between the pro-Russian High Society and...
TRAC Labs recently unveiled a new phishing kit, named WikiKit, which is targeting industries across automotive, manufacturing, medical, and more. This sophisticated attack employs unique techniques to evade detection and...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised the alarm on a critical security flaw impacting the Acclaim USAHERDS web application. This vulnerability, officially tracked as CVE-2021-44207 and...
The Rspack ecosystem, known for its high-performance JavaScript bundler written in Rust, has become the latest victim of a supply chain attack. The breach impacted two widely used npm packages,...
Cybercriminals are increasingly weaponizing cracked versions of legitimate vulnerability scanning tools, like the Araneida Scanner, for malicious activities, according to Silent Push Threat Analysts. Based on unauthorized modifications of Acunetix,...
Google finds itself in hot water with regulators yet again, this time in Japan. The nation’s Fair Trade Commission (JFTC) is poised to rule that the tech giant has violated...
Streaming giant Netflix has been hit with a hefty fine by the Dutch Data Protection Authority (Dutch DPA) for failing to provide clear and sufficient information to customers about how...
The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2024-56337. This vulnerability affects a wide range...
Support Securityonline.info site. Thanks!
