PaperCut Exploited by Hackers Using Remote Code Execution: CISA
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new warning about a serious vulnerability in PaperCut NG/MF […]
Web Security
CVE-2025-24000: Post SMTP Vulnerability & Admin Takeover of WordPress Sites
A security vulnerability in the popular Post SMTP plugin for WordPress has left over 200,000 websites exposed to potential hijacking
CVE-2025-53770: SharePoint Zero-Day Exploited in Ongoing Attacks, Patch Released
Microsoft has released urgent security patches for two critical vulnerabilities in SharePoint Server, one of which is currently being actively
CVE-2025-6558: Google Urgently Fixes Actively Exploited Chrome Zero-Day
Google has released a critical security update for its Chrome browser to fix a serious vulnerability known as CVE-2025-6558, which
CVE-2025-6463: Critical Forminator Plugin Flaw Puts 600,000 WordPress Sites at Risk
A serious vulnerability in the popular Forminator plugin for WordPress has exposed over 600,000 websites to the risk of complete
CVE-2025-6554: Google Patches Actively Exploited Chrome Zero-Day
Google has released a critical security update to patch a zero-day vulnerability in its Chrome browser, tracked as CVE-2025-6554. This
Hackers Breach 70+ Microsoft Exchange Servers: Outlook Login Pages Infected
Hackers are exploiting vulnerable Microsoft Exchange servers with stealthy keyloggers to steal login credentials, compromising over 70 systems in at
DevOps Alert: Grafana Exploit Exposes Over 46,000 Servers to Account Takeover
A newly discovered vulnerability in Grafana, the popular open-source analytics and monitoring tool, is putting thousands of organizations at serious
CVE-2025-5419: Critical Zero-Day Chrome Flaw Under Active Attack
Google has released an emergency security update for its Chrome browser to fix a high-risk zero-day vulnerability that is already
CVE-2025-47577: Critical File Upload Vulnerability Found in Wishlist WordPress Plugin
A severe flaw has been discovered in the TI WooCommerce Wishlist plugin, which is used by more than 100,000 WordPress
Fake VPN and Browser Installers Drop Winos 4.0 Malware in Stealth Attacks
Researchers from Rapid7 have revealed an ongoing malware campaign that tricks users into installing Winos 4.0, a powerful and stealthy
Warning: Malicious WordPress Plugin Provides Remote Admin Access
WordPress website owners are being targeted by a new malware campaign that disguises itself as a legitimate security plugin. This
New WooCommerce Phishing Attack Installs Malware on WordPress Websites
A new phishing campaign is targeting WooCommerce admins by sending fake security alerts. The emails trick users into downloading a
Scallywag Scam: 1.4 Billion Daily Fake Ads Linked to WordPress Sites
A major online ad fraud operation known as Scallywag has been uncovered, showing how cybercriminals abused WordPress plugins to trick
Google Chrome 136 Update Stops Websites from Tracking Your Browsing History
Google has finally addressed a major privacy flaw in its Chrome browser that allowed websites to track a user’s browsing