Author Info

Overview A sophisticated cyber campaign has resulted in the theft of over 390,000 WordPress credentials. A group known as MUT-1244 orchestrated this extensive year-long operation, targeting both malicious actors and cybersecurity professionals through a compromised WordPress credential utility. Research Discovery Datadog Security Labs identified the attack, noting that additional

Cleo, a leading provider of file-transfer software, has issued an urgent security warning urging users to patch an actively exploited vulnerability affecting its Harmony, VLTrader, and LexiCom products. This vulnerability, which allows unauthenticated users to execute arbitrary commands on the host system, has been observed in widespread exploitation across the

In a serious cybersecurity incident, Byte Federal, the leading Bitcoin ATM provider in the United States with approximately 1,200 machines, reported a breach compromising personal data of up to 58,000 users. Details of the Breach The breach, which took place on September 30, 2024, was not identified until

The U.S. Department of Justice (DoJ) has charged 14 North Korean individuals with involvement in a fraudulent scheme exploiting remote IT work to violate sanctions, engage in wire fraud, and commit money laundering and identity theft. These actions enabled North Korea to generate significant revenue over six years. Misleading

Roskomnadzor, Russia's telecommunications authority, has recently restricted access to Viber, a widely used encrypted messaging application. This move is part of Russia's ongoing efforts to control information dissemination and curb access to certain communications platforms. Reason for Blockage Russia's internet regulator has cited Viber&

A critical security flaw in the WordPress plugin, Hunk Companion, which supports 10,000 sites, remains largely unpatched, leaving thousands vulnerable to malicious attacks. Despite a recent fix, the majority of users are yet to apply the update. Vulnerability Identifier CVE-2024-11972 Severity Rating: 9.8 out of 10 Affected Plugin:

Albanian authorities, in coordination with international agencies, have successfully dismantled the Rydox cybercrime marketplace, apprehending three of its top administrators. Arrests and Charges Kosovo nationals Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli were detained by Kosovo police in collaboration with Albania's Special Anti-Corruption Body (SPAK). The U.S.

The United States has announced a reward of up to $5 million for information leading to the disruption of North Korean IT worker schemes. These operations involve illicit remote work practices that fuel the nation's prohibited missile programs. Involved Entities Two companies, Yanbian Silverstar based in China and

Recent research has revealed a significant security vulnerability affecting hundreds of thousands of Prometheus servers and exporters, leaving them susceptible to password exposure, denial-of-service (DoS) attacks, and repojacking threats. Prometheus is a widely-used open-source monitoring tool vital for application performance and cloud infrastructure oversight. However, its potential exposure risks are