Last week, WordPress patched three security flaws, but just yesterday the company disclosed a nasty, then-secret zero-day vulnerability that let remote unauthorized hackers modify the content of any post or page within a WordPress site.
The nasty bug resides in the WordPress REST API and leads to two new vulnerabilities: remote privilege escalation and content injection.
WordPress fixed three security issues, including an XSS and SQL injection, with WordPress 4.7.2 this week.
Researchers found a third of the top WordPress e-commerce plugins contain severe vulnerabilities tied to cross-site scripting (XSS), SQL injection and file manipulation flaws.
Indian embassy websites in seven different countries have been hacked, and attackers have leaked personal data, including full name, residential address, email address, passport number and phone number, of Indian citizens living abroad.
This incident is extremely worrying because it involves diplomatic personnel working in the embassies that have always been a favorite target of
Cisco released a patch for a critical flaw that allowed a remote attacker to gain control of one of its email security appliances.
A researcher has disclosed some details and a limited proof-of-concept for a critical MySQL vulnerability. The flaw has been patched in MariaDB and PerconaDB.
A breach that exposed 200,000 Grand Theft Auto fan forum users’ email addresses and private data is being blamed on an exploit of outdated and vulnerable vBulletin software.
Canonical’s CEO claims a SQL injection vulnerability led to the hack of Ubuntu’s two-million-user-strong forums.
Crooks breaking into enterprise networks are holding data they steal for ransom under the guise that they are doing the company a favor by exposing a flaw.
A security researcher disclosed vulnerabilities in the poorly secured web domains of a Florida county elections, but he ended up in handcuffs on criminal hacking charges and was jailed for six hours Wednesday.
Security researcher David Michael Levin was arrested and charged by United States law enforcement after breaking into and disclosing some serious vulnerabilities in a couple of