Aggregator

These are the tools of the trade Sophos detected in use by cybercriminals over 2024

Ransomware remains the biggest threat, but old and misconfigured network devices are making it too easy

Complaint Says Russia-Based IP Address Attempted to Gain Access as DOGE Took Data
A whistleblower has accused staffers from the Department of Government Efficiency of attempting to cover their tracks while collecting troves of sensitive data from the independent labor agency's computer systems, raising significant security concerns.

Acht Nederlandse militairen zijn aan de slag gegaan in Tsjaad. In dit Afrikaanse land leiden zij tot en met juli trainers op. Die onderrichten op hun beurt Afrikaanse infanteristen om deel te nemen aan missies van de Afrikaanse Unie en van de Verenigde Naties. Een overzicht van Defensieoperaties in de week van 9 tot met 15 april 2025.

Узнайте о лучших способах защитить свой домашний роутер от взлома.

录播+直播 动手实践，实现从0到1的跨越

​4chan 遭竞争对手 Soyjak.st 黑客攻击，源代码及版主信息泄露，网站陷入瘫痪。

看雪论坛作者ID：moshuiD

Defensie en het Nederlands Olympisch Comité en de Nederlandse Sport Federatie (NOC*NSF) delen hetzelfde doel: zorgen dat Nederlanders weerbaar, fitter en vitaler worden. Daarom werken ze vanaf nu nauwer samen om de kracht van sport te benutten. Dat is vandaag met handtekeningen bekrachtigd in het ministerie van Defensie in Den Haag.

该工具被宣传为“WormGPT与所有EvilGPT变种的杀手”，其核心卖点在于完全独立的多模型架构、模块化设计及离线操作能力。

近期，火绒工程师在日常监测安全动态时发现，Rhadamanthys 窃密木马家族包含多种模块。这些模块采用自定义的 PE 结构，与正常的 PE 结构相似，因此需要手动构造 PE 文件进行分析。

这不仅仅是简单的技术问题

这不仅仅是简单的技术问题

A vulnerability has been found in Video Conferencing with Zoom Plugin up to 4.4.4 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-2031. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in WP Go Maps Plugin up to 9.0.32 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-1582. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Shariff Wrapper Plugin up to 4.6.9 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-0966. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Home Services Theme up to 1.2.6 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Home Service. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-26930. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Glossy Blog Theme up to 1.0.3 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-26934. The attack can be initiated remotely. There is no exploit available.