Premium WordPress ‘Motors’ theme vulnerable to admin takeover attacks
SkyNet Automation A critical privilege escalation vulnerability has been discovered in the premium WordPress theme Motors, which allows unauthenticated attackers…
BleepingComputer
VanHelsing ransomware builder leaked on hacking forum
The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor…
SK Telecom says malware breach lasted 3 years, impacted 27 million numbers
SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in…
Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains
A threat actor named ‘Hazy Hawk’ has been using DNS CNAME hijacking to hijack abandoned cloud endpoints of…
RVTools hit in supply chain attack to deliver Bumblebee malware
The official website for the RVTools VMware management tool was taken offline in what appears to be a…
Service desks are under attack: What can you do about it?
Service desks are on the front lines of defense—and attackers know it. Attackers are using social engineering attacks…
OpenAI plans to combine multiple models into GPT-5
OpenAI is planning to combine multiple products (features or models) into its next foundational model, which is called…
Fake KeePass password manager leads to ESXi ransomware attack
Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to…
O2 UK patches bug leaking mobile user location from call metadata
A flaw in O2 UK’s implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the…
Windows 10 emergency updates fix BitLocker recovery issues
Microsoft has released out-of-band updates to fix a known issue causing Windows 10 systems to boot into BitLocker…