Page Builder by SiteOrigin WordPress Vulnerability Affects Up To 500k Sites

Page Builder by SiteOrigin WordPress plugin vulnerability enables attackers to execute arbitrary server files.
Security Boulevard

Fake Zoom and Google Meet scams install Teramind: A technical deep dive

While the original Zoom-themed site at uswebzoomus [.]com was taken down by Namecheap following community reporting, a second site at googlemeetinterview [.]click is actively deploying the same ...

Compromised Site Management Panels are a Hot Item in Cybercrime Markets

Compromised cPanel credentials are being sold in bulk across underground channels as plug-and-play phishing and scam infrastructure. Flare explains how analyzing 200,000 underground posts reveals a ...
Infosecurity Magazine

North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks

The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking ...
SecurityWeek

North Korean APT Targets Air-Gapped Systems in Recent Campaign

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...