Malvertising infected millions of users in 2015
“New research from Malwarebytes has found that malvertising is one of the primary infection vectors used to reach millions of consumers this year. The analysis looked at …
Massive campaign uses router exploit kit to change routers’ DNS servers
Well-known security researcher Kafeine has spotted an active campaign aimed at compromising SOHO routers and changing their DNS settings so that the attackers can seamlessly …
Address spoofing Safari bug opens door for phishing attacks
Hacker David Leo has released a PoC exploit for a Safari vulnerability that can be misused to trick users into thinking they are on one site while they are actually on another …
Year-old flaw in popular WordPress plugin still actively exploited
Sucuri Security researchers have discovered yet another malicious campaign redirecting users to sites hosting exploits. As per usual, the attackers are mostly leveraging …
New AlphaCrypt ransomware delivered via Angler EK
“Yet another type of ransomware has been detected by malware researchers. Dubbed AlphaCrypt, it appropriates the look of TeslaCrypt, but operates similarly to Cryptowall …
100,000 web shops open to compromise as attackers exploit Magento bug
A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users’ …
Russian APT group actively exploiting Flash, Windows 0-day flaws
APT28, believed to consist of Russian hackers, has been spotted wielding two zero-day exploits in the latest targeted attack aimed at an “international government entity …
Attackers actively downing Microsoft’s IIS web servers
Attackers are actively exploiting a DoS vulnerability (CVE-2015-1635) affecting Microsoft’s Internet Information Services (IIS) extensible web server, SANS ISC CTO …
Exploit for crashing Minecraft servers made public
After nearly two years of waiting for Mojang to fix a security vulnerability that can be used to crash Minecraft servers, programmer Ammar Askar has released a proof of …
Adobe fixes Flash Player zero-day exploited in the wild
Adobe released a new version of Flash Player (17.0.0.169) for Windows and Macintosh, and for Linux (11.2.202.457). These security updates fix a host of critical …
122 online forums compromised to redirect visitors to Fiesta exploit kit
Over a hundred forum websites have been compromised and injected with code that redirects users to sites hosting the Fiesta exploit kit, Cyphort researchers have found. These …
Large malvertising campaign linked to potentially compromised Google ad reseller
Dutch infosec firm Fox IT has spotted a lage scale malvertising campaign that seems to originate from Bulgarian Google ad reseller EngageLab. The first redirection has been …
Featured news
Resources
Don't miss
- PortGPT: How researchers taught an AI to backport security patches automatically
- AI can flag the risk, but only humans can close the loop
- VulnRisk: Open-source vulnerability risk assessment platform
- Connected homes: Is bystander privacy anyone’s responsibility?
- Google says 2026 will be the year AI supercharges cybercrime