Three critical-severity vulnerabilities in the GutenKit and Hunk Companion WordPress plugins have been exploited in a new campaign. According to István Márton, a vulnerability research contractor at Wordfence, mass exploitation of the security defects began on 8 October, with roughly 9 million exploit attempts blocked by the WordPress security firm over a two-week period, following previously identified large-scale campaigns targeting the same bugs. The Hunk Companion plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the /wp-json/hc/v1/themehunk-import REST API endpoint in all versions up to, and including, 1.8.5. This makes it possible…
ISB Staff Reporter
In the first quarter of 2025, cyberattacks surged worldwide, with businesses facing both a higher volume and greater sophistication of threats. Organizations experienced an average of 1,925 attacks per week, representing a 47% increase compared to the same period in 2024. The education sector was the most targeted industry for cyberattacks over the past year. Schools faced an average of 4,484 attacks per week — 40% more than the next most-targeted sector. Government followed with 2,678 attacks per week, closely trailed by telecommunications at 2,664. Healthcare and medical organizations faced 2,430 weekly attacks, while the automotive sector experienced 2,145.…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence they are being actively exploited. The first, CVE-2025-30406, is a Gladinet CentreStack Use of Hard-coded Cryptographic Key Vulnerability. The second, CVE-2025-29824, is a Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability. Both of these types of vulnerabilities are common attack vectors for threat actors and put federal enterprises at significant risk. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to federal…
JFrog, a liquid software company and creator of the JFrog Software Supply Chain Platform, has debuted JFrog ML, an MLOps solution that is part of the JFrog Platform and is designed to enable development teams, data scientists and ML engineers to quickly develop and deploy enterprise-ready AI applications at scale. As enterprise AI initiatives face an increasing number of security, scalability and management challenges, JFrog says it is now the only platform in the world that drives the secure delivery of machine learning technologies alongside all other application components in a single solution. JFrog ML is the first addition to the platform that…
In a major international crackdown, Belgian and Dutch authorities, supported by Europol and Eurojust, have dismantled a phone phishing gang responsible for large-scale financial fraud across Europe. The operation resulted in eight arrests and significant seizures.
Action Day Results
Law enforcement executed 17 coordinated searches across Belgium and the Netherlands, culminating in:
The Criminal Scheme
The gang, based mainly in the Netherlands, conducted widespread phishing campaigns to steal financial data from victims in at least 10 European countries. Posing as police or bank employees, they targeted older individuals both online and in person. After draining victims’ accounts, the stolen funds…
The McAfee mobile research team has identified a significant global rise in predatory loan applications, commonly referred to as SpyLoan apps, which primarily target Android users. These applications, classified as potentially unwanted programs (PUP), utilize social engineering tactics to manipulate users into sharing sensitive information and granting excessive permissions, leading to extortion, harassment, and financial losses. The investigation uncovered fifteen SpyLoan apps that have been installed over eight million times. These apps employ a shared framework for encrypting and exfiltrating data to a command and control (C2) server, utilizing similar HTTP endpoint infrastructures. Their primary operations are concentrated in South America, Southern Asia, and Africa, often promoted…
A rich resource of data from nearly 350 million security scans of Internet-facing assets is now freely accessible for industry and academic research, thanks to the ImmuniWeb Community Edition. Through this initiative, the global cybersecurity community, educational institutions, government agencies, and even individual researchers can access historical data on the security of Internet-accessible resources. To support this, the following dynamic statistics are now publicly available: Global SSL Security Statistics for SSL/TLS encryption visibility, vulnerabilities, and weaknesses in web applications, APIs, email servers, and network appliances. From Q1 2024 to date, there have been 1,421,781 SSL/TLS events. In Q3 2024, the US…
Attackers leveraging vulnerabilities in Virtual Private Networks (VPNs) and exploiting weak passwords accounted for 28.7% of ransomware incidents in Q3 2024, according to Corvus Insurance’s latest Cyber Threat Report. Common credentials like “admin” and a lack of multi-factor authentication (MFA) left VPN systems vulnerable to automated brute-force attacks, highlighting the need for improved basic cyber hygiene. “Attackers are exploiting the easiest entry points, and VPNs were the favored method this quarter,” said Jason Rebholz, Chief Information Security Officer at Corvus. “As we look forward, businesses must strengthen defenses with multi-layered security approaches that extend beyond MFA. Today, MFA is mere…
Horizon3.ai, a provider of autonomous security solutions, has debuted NodeZero Kubernetes Pentesting, a feature designed to empower entities with advanced offensive security capabilities within Kubernetes environments. Available to all NodeZero users, this tool helps security teams simulate real-world attacks within Kubernetes clusters, identifying vulnerabilities from a malefactor’s perspective and helping safeguard critical infrastructure. With Kubernetes serving as a cornerstone for scalable, containerized applications, its adoption across platforms like AWS Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE), and Azure Kubernetes Service (AKS) has introduced new security challenges. NodeZero Kubernetes Pentesting addresses these risks through real-time runtime security testing, uncovering potential…
Cyware, a provider of threat intelligence management and cyber fusion solutions, has attained Federal Risk and Authorization Management Program (FedRAMP) Ready status. With FedRAMP Ready status, Cyware says it is positioned to accelerate the authorization process, facilitate broader implementation of its solutions within federal environments, and strengthen cyber resilience across the federal government. Cyware believes this achievement marks a significant step toward enhancing secure, real-time threat intelligence exchange across US federal agencies, reinforcing collective cyber defenses for critical infrastructure. FedRAMP is a government initiative that ensures that cloud services used by federal entities adhere to stringent security standards, supporting secure…
