Written By Shane Schick

WordPress Exploit in GDPR Plugin Puts 100,000 Websites at Risk

Researchers discovered a WordPress Exploit in a plugin designed to help site owners comply with the GDPR that enables attackers to take control of admin accounts.

Canadian University Shuts Down Network in Response to Cryptocurrency Mining Attack

A Canadian university had to take critical IT systems offline after security professionals identified an attack designed to mine cryptocurrency using the school's computing resources.

Ransomware-as-a-Service Program Offers Affiliates Up to 75 Percent of Revenue to Spread Infection

A ransomware-as-a-service program called FilesLocker offers affiliates commissions of up to 75 percent on all revenue stolen from victims.

Threat Actors Combine Windows Utilities in Malware Campaign Targeting Users in Brazil

Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.

30,000 Android Users Infected With Banking Malware From 29 Bogus Apps

Nearly 30,000 Android users accidentally downloaded banking malware after filling out phishing forms that were personalized based on the apps they use.

Chalubo Bot Family Launches Distributed Denial-of-Service Attacks Against Linux Systems

Researchers discovered a family of bots dubbed Chalubo launching distributed denial-of-service (DDoS) attacks to brute-force Linux-based systems running internet-facing SSH servers.

DustSquad Uses Windows Trojan to Target Central Asian Officials With Octopus Malware

Researchers reported that the Octopus malware is using a Windows Trojan to target political entities based in Central Asia.

Threat Actors Obfuscate JavaScript to Hide Crypto-Mining Malware

Cybercriminals buried crypto-mining malware inside compromised websites in an effort to hijack victims' computing resources.

YouTube Scam Lures Eager ‘Doctor Who’ Fans to Reveal Personal Data

Researchers uncovered a YouTube scam in which several fraudulent channels urge unsuspecting "Doctor Who" fans to submit personal data to supposedly stream the British science fiction show.

Researchers Find 18 Security Vulnerabilities in Foxit PDF Reader

A free browser plugin for creating, editing and viewing PDF files contains 18 security vulnerabilities that could expose users to remote code execution.