Author Info

A severe vulnerability has been discovered in the Jupiter X Core WordPress plugin, potentially affecting over 90,000 websites. This flaw, identified by cybersecurity experts, allows attackers with certain user privileges to upload harmful SVG files, leading to remote code execution on compromised servers. Details of the Vulnerability The vulnerability,

Recent discoveries have highlighted significant security vulnerabilities in Xerox Versalink printers, potentially allowing cybercriminals to steal sensitive credentials. These issues, identified by Rapid7, involve LDAP and SMB flaws, specifically affecting firmware version 57.69.91 and earlier. It is crucial for organizations using these devices to update their firmware immediately

A former U.S. Army soldier, Cameron John Wagenius, has confessed to infiltrating AT&T and Verizon systems, resulting in the theft of extensive phone records. This admission was documented in court records submitted on Wednesday. Details of the Guilty Plea Wagenius admitted to two charges of illegally transferring

Australia's intelligence agency has raised alarms over relentless efforts by foreign entities to access the nation's military secrets, particularly those related to the AUKUS submarine alliance with the UK and the US. The Director-General of the Australian Security Intelligence Organisation (ASIO) highlighted these concerns during the

Blockaid, a pioneering startup in blockchain application security, has successfully raised $50 million in a Series B funding round, elevating its total funding to $83 million. This significant investment was spearheaded by Ribbit Capital, with contributions from GV and existing investors like Variant and Cyberstarts. Innovative Security Platform Founded in

A critical vulnerability in Palo Alto Networks' PAN-OS software is currently being exploited by cybercriminals. This flaw, identified as CVE-2025-0108, allows attackers to bypass authentication and execute certain PHP scripts, posing a significant threat to affected systems. Understanding the Vulnerability The flaw, first reported by researchers at Searchlight Cyber

Microsoft has issued another reminder to IT administrators about the upcoming deprecation of driver synchronization in Windows Server Update Services (WSUS), set to occur on April 18. This change will impact how enterprises manage updates, urging a shift towards cloud-based solutions. Transition to Cloud-Based Solutions With the deprecation of WSUS

North Korea-affiliated cyber threat groups are increasingly adopting living-off-the-land (LotL) strategies and utilizing trusted services to bypass detection. A recent campaign by the Kimsuky group exemplifies this approach by employing PowerShell scripts and storing data in Dropbox folders, all while enhancing their operational security measures. DEEP#DRIVE Campaign Tactics The

Recently, two significant vulnerabilities have been identified in OpenSSH, a crucial tool for secure remote operations. These flaws, discovered by the Qualys Threat Research Unit (TRU), pose risks of machine-in-the-middle (MITM) and denial-of-service (DoS) attacks. Users are urged to upgrade to OpenSSH version 9.9p2 to safeguard their systems. OpenSSH