Patchstack discovered the critical flaw in the plugin’s password reset mechanism, specifically within the userpro_process_form function, which allowed unauthenticated users to change the passwords of other users under certain conditions.
Cyware News – Latest Cyber News – Read More
The Association of California School Administrators (ACSA) is informing nearly 55,000 individuals that they have been impacted by a ransomware attack.
The post 55,000 Impacted by Cyberattack on California School Association appeared first on SecurityWeek.
SecurityWeek – Read More
Bolster has raised $14 million in Series B funding for technology integrations for its AI-powered phishing protection platform.
The post Bolster Raises $14 Million for AI-Powered Phishing Protection appeared first on SecurityWeek.
SecurityWeek – Read More
Intercontinental Exchange, the company that operates NYSE and other exchanges, has agreed to pay a $10 million fine related to a 2021 hack.
The post NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack appeared first on SecurityWeek.
SecurityWeek – Read More
It will be interesting to see how AI continues to evolve and how it is used by defenders as they attempt to leapfrog attackers and protect the organization against new forms of AI attacks.
The post Why We Need to Get a Handle on AI appeared first on SecurityWeek.
SecurityWeek – Read More
Unfading Sea Haze has been targeting military and government entities in South China Sea countries since 2018.
The post Newly Detected Chinese Group Targeting Military, Government Entities appeared first on SecurityWeek.
SecurityWeek – Read More
The personal information of 400,000 individuals was compromised in a data breach at El Centro Del Barrio (CentroMed).
The post 400,000 Impacted by CentroMed Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Apple is one of several companies, along with Google, Skyhook, and others, that operate a WPS. They offer client devices a way to determine their location that’s more energy efficient than using the Global Positioning System (GPS).
Cyware News – Latest Cyber News – Read More
Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7’s 2024 Attack Intelligence Report suggests that this will change.
The post Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report appeared first on SecurityWeek.
SecurityWeek – Read More
Former White House National Security Council cyber staff member Jeff Greene, the current cybersecurity programs director at the Aspen Institute think tank, is joining the CISA next month, the agency confirmed.
Cyware News – Latest Cyber News – Read More