WordPress site admins: Update immediately!
If you’re running your website on WordPress and you haven’t yet upgraded to version 4.8.3, you should do so without delay. The advice comes from the WordPress …
SQL injection
Unpatched SQLi vulnerability in SmartVista e-commerce suite
Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to put limit access to its …
Telegram-based Katyusha SQL injection scanner sold on hacker forums
Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague …
Joomla users: Update immediately to kill severe SQLi vulnerability
Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher …
Hacker breached 60+ unis, govt agencies via SQL injection
A hacker tied to the November 2016 penetration of the US Election Assistance Commission and subsequent database sale has successfully targeted 60+ government agencies and …
Epic Games forums hacked again, over 800,000 users affected
Some of the online forums maintained by Epic Games, the video game development company behing the Unreal Engine technology and games based on it, have been hacked and their …
Ubuntu Forums hacked again, 2 million users exposed
Canonical’s Ubuntu Forums have been hacked, and the attacker has managed to access and download part of the Forums database, containing usernames, email addresses and …
Strengthen security during production and development
Applications have become the heart of many businesses, with millions of dollars allocated to their development and millions of dollars in revenue associated with their …
Phineas Fisher records, publishes latest attack
Phineas Fisher, the hacker behing the Gamma International and Hacking Team breaches and data leaks, is at it again. This time his target was Sindicat de Mossos …
Researcher demonstrates website’s lax security, gets arrested
David Levin, CTO of pentesting company Vanguard Cybersecurity, has made a critical mistake while testing the security of the Lee County (Florida) elections website: he …
