WordPress updates are digitally signed at last!
WordPress 5.2 is out and brings a number of functional improvements, but the great news for those who are worried about the security of their installation is the …
supply chain compromise
ASUS confirms server compromise, releases fixed Live Update tool
ASUS has finally confirmed that its servers were compromised and that its ASUS Live Update tool has been tampered with, as revealed on Monday. “ASUS has also implemented …
Attackers compromised ASUS to deliver backdoored software updates
Unknown attackers have compromised an update server belonging to Taiwanese computer and electronics maker ASUS and used it to push a malicious backdoor on a huge number of …
Researchers expose massive mobile adware and data stealing campaigns with 250 million downloads
Check Point Research has uncovered two massive mobile adware and data stealing campaigns, which have already had over 250 million downloads combined globally. Both target …
Phishing, software supply chain attacks greatest threats for businesses
Attackers continue to use phishing as a preferred attack method, but have been forced to adapt their approach as anti-phishing tools and techniques are becoming more …
PHP PEAR supply chain attack: Backdoor added to installer
Some additional details have emerged about the recent security breach involving the PHP PEAR (PHP Extension and Application Repository) webserver, but much is still unknown. …
Compromised ad company serves Magecart skimming code to hundreds of websites
Security researchers have flagged a new web-based supply chain attack by one of the cybercriminal groups that fall under the Magecart umbrella. The attackers managed to …
Supply chain compromise: Adding undetectable hardware Trojans to integrated circuits
Is it possible for attackers to equip integrated circuits with hardware Trojans that will not change the area or power consumption of the IC, making them thus indiscernible …
Attackers breached Statcounter to steal cryptocurrency from gate.io users
Web analytics company Statcounter and cryptocurrency exchange gate.io have been compromised in another supply-chain attack, which resulted in an unknown number of gate.io …
VestaCP users warned about possible server compromise
Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …
