A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who […]
As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out as an essential tool for tracking and logging […]
Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak […]
Cybercrime is a growing threat to Africa’s economies, hindering their progress despite rapid GDP growth. The continent faces challenges like digital illiteracy and a shortage of cybersecurity professionals.
To bolster cybersecurity, focus on managing and utilizing enterprise data efficiently. Companies possess significant data reserves, yet these are often scattered across different systems, necessitating manual efforts to extract value.
Suspected hackers who stole $14 million worth of cryptocurrency from Holograph, a blockchain tech firm, have been arrested in Italy after living a lavish lifestyle for weeks in luxury villas.
The NCSC has launched the Cyber Resilience Audit (CRA) scheme to find auditors for a new cyber-resilience initiative. It focuses on conducting independent audits based on the Cyber Assessment Framework (CAF) to support nationally critical sectors.
CERT-UA has identified the deployment of two malicious tools by Vermin: Spectr spyware, which can capture screenshots and steal data, and a new malware strain called Firmachagent, which is used to upload stolen data.
API security is a major concern due to issues like exposed secrets and unauthorized access, leading to serious vulnerabilities for many organizations. A recent report shoed 35% of exposed API keys are still active, posing significant security risks.