News ≈ Packet Storm
VMware Patches Critical SQL Injection Flaw In Aria Automation
July 11^th 2024 at 13:58

VMware Patches Critical SQL Injection Flaw In Aria Automation

🏷️ My labels
- ❌
Article tags
July 11^th 2024 at 13:58

The Hacker News
BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?
May 29^th 2024 at 07:11

BreachForums Returns Just Weeks After FBI Seizure - Honeypot or Blunder?

By: Newsroom

The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site's online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,

The Hacker News
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
April 26^th 2024 at 05:49

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

By: Newsroom

Threat actors are attempting to actively exploit a critical security flaw in the ValvePress Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.92.0. The issue has been resolved in version 3.92.1 released on February 27, 2024,

The Hacker News
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
March 21^st 2024 at 03:34

Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug

By: Newsroom

Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction. Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity. Described as an SQL injection flaw, it's rooted in a dependency called org.postgresql:

News ≈ Packet Storm
Update Delays To NIST Vulnerability DB Alarms Researchers
March 19^th 2024 at 14:47

Update Delays To NIST Vulnerability DB Alarms Researchers

🏷️ My labels
- ❌
Article tags
March 19^th 2024 at 14:47

News ≈ Packet Storm
Millions Of Records Stolen From 65 Websites Via SQL Injection Attacks
February 6^th 2024 at 15:50

Millions Of Records Stolen From 65 Websites Via SQL Injection Attacks

🏷️ My labels
- ❌
Article tags
February 6^th 2024 at 15:50

The Hacker News
Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data
February 6^th 2024 at 10:14

Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data

By: Newsroom

Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data. Singapore-headquartered Group-IB said the hacking crew's activities are geared towards job search platforms and the theft of resumes, with as many as 65