Written By Shane Schick

Shade Ransomware Campaign Compromises at Least 500 WordPress and Joomla Websites

Security researchers discovered a hidden HTTP directory that is allowing threat actors to install Shade ransomware on WordPress and Joomla websites.

Magento Flaw Lets Cybercriminals Access E-Commerce Sites Without Authentication

Security researchers discovered a Magento flaw that could enable cybercriminals to penetrate and control features within the popular e-commerce site without authentication.

TrickBot Creators Collaborate With BokBot to Conduct Man-in-the-Middle Attacks

Security researchers warn that the cybercriminals behind the TrickBot and BokBot banking Trojans are now collaborating to perform man-in-the-middle (MitM) attacks.

GlitchPOS Creator Offers Instructional Video to Make Deploying POS Malware Easier

Security researchers discovered a strain of POS malware dubbed GlitchPOS that comes with an instructional video to help would-be cybercriminals steal credit card data.

Researchers Uncover Highly Exploitable WinRAR Bug That Puts 500 Million Users at Risk

More than 100 unique exploits of a WinRAR bug have been identified since security researchers discovered a 19-year-old vulnerability in the file compression system.

Instagram Hack Fools Social Media Influencers With Phony ‘Verified’ Badges

Security researchers observed a Turkish-speaking group of cybercriminals using an Instagram hack to extort money, nude photos and other information from social media influencers.

Highly Critical Drupal Vulnerability Could Expose Sites to RCE Attacks, Developers Warn

By exploiting a critical Drupal vulnerability recently disclosed by developers, attackers could potentially take control of websites and servers built on the CMS.

Cybercriminals Generated $56 Million Over 12 Years From Monero Crypto-Mining Malware

An analysis of more than 4.4 million malware samples showed botnets were responsible for crypto-mining at least 4.3 percent of Monero over a 12-year period.

Collection #1 Data Breach Exposes Nearly 733 Million Records, Highlighting Need for Multifactor Authentication

The Collection #1 data breach, which exposed nearly 733 million unique email messages and 21 million passwords, underscores the urgent need for enterprises to adopt multifactor authentication.

University of Maryland Researchers Use Audio Files and AI to Defeat reCaptcha Challenges

University of Maryland researchers warn that with limited resources, threat actors could launch a successful cyberattack on Google's bot-detecting reCaptcha service.