- Cybersecurity News:
- Attackers use abandoned WordPress plugin to backdoor websites [Bill Toulas, Bleeping Computer]
- 3CX hack caused by trading software supply chain attack [Sergiu Gatlan, Bleeping Computer]
- Russian snoops just love invading unpatched Cisco gear, America and UK warn [Jessica Lyons Hardcastle, The Register]
- Phishing:
- New QBot email attacks use PDF and WSF combo to install malware [Lawrence Abrams, Bleeping Computer]
- Vulnerabilities & Patches:
- VMware Patches Pre-Auth Code Execution Flaw in Logging Product [Ryan Naraine, SecurityWeek]
- Hackers actively exploit critical RCE bug in PaperCut servers [Bill Toulas, Bleeping Computer]
- Google Chrome Hit by Second Zero-Day Attack – Urgent Patch Update Released [Ravie Lakshmanan, The Hacker News]
- Oracle Releases 433 New Security Patches With April 2023 CPU [Ionut Arghire, SecurityWeek]
- Breaches & Leaks:
- Multinational bank leaks passports and credit card numbers [Paulina Okunytė, Cybernews]
- Others:
- Misconfiguration leaves thousands of servers vulnerable to attack, researchers find [Christian Vasquez, CyberScoop]
C410 A2BE CB73 EF77 746E 9682 E2C4 91CE D20D 800F