WooCommerce fixes critical Upload Files vulnerability
Developers have fixed a critical vulnerability in the WooCommerce Upload Files plugin. WooCommerce is an open-source e-commerce platform used by...
Ax Sharma
Ax Sharma is a UK-based security researcher, journalist and TV subject matter expert experienced in malware analysis and cybercrime investigations. His areas of interest include open source software security and threat intel analysis. Frequently featured by leading media outlets like the BBC, Channel 5, Fortune, WIRED, The Register, among others, Ax is an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies
A gray hat hacker has published over 7,000 dependency confusion packages to npm and PyPI repositories and continues to do...
ThyssenKrupp suffers ransomware attack for the third time
The Germany-based international engineering and materials corporation, ThyssenKrupp has been a victim of repeated cyberattacks from threat actors in a...
Hacker claims to sell 1.3 million Hyundai Russia customer records
This week a hacker put up records of 1.3 million Hyundai customers based in Russia for sale on a forum. The records expose...
Data of 500,000 Betway gambling customers being allegedly sold on hacker forum
This month, Security Report has come across a hacker forum thread in which a seller claims to sell details of...
PoC exploits for Apache Flink Path Traversal vulnerabilities posted
This week, the Apache Flink project has disclosed two severe Path Traversal vulnerabilities in the framework that can allow attackers...
Source code revealed for malware that locks IoT male chastity devices
While ransomware operators are holding companies' private data for multi-million dollar ransom amounts, this one's got your private parts. A...
Cloudflare WAF bypass exploits revealed
Cloudflare Web Application Firewall (WAF) which touts itself to protect some 25 million sites remains vulnerable to rule bypasses, researchers...
Amey suffers cyber attack from ransomware
Amey Plc, the British giant providing infrastructure support services to both regulated and public sectors has suffered a ransomware attack...
Backdoor master password for thousands of Zyxel firewalls revealed
Multiple Zyxel devices including firewalls and access point (AP) controllers contain a hardcoded username-password combination in the firmware images, which...