Privilege Escalation Vulnerability Patches In WP Data Access Plugin
This flaw makes it possible for authenticated attackers to grant themselves administrative privileges via a profile update if the targeted site has the ‘Role Management’ setting enabled.
Bijay Pokharel,
April 13, 2023
3 min read
Pegasus-Style Spyware Attack Hit Journalists, Politicians Via iPhone Exploits
The fear of Pegasus-style spyware attack resurfaced on Tuesday after researchers at Microsoft and the digital rights group Citizen Lab identified new victims in North America, Central Asia, Southeast Asia, Europe, and the Middle East -- once again from an Israel-based spyware maker.
Bijay Pokharel,
April 12, 2023
2 min read
Cybercriminals Sell Malicious Google Play Apps For Up To $20k Using Darknet: Report
While analyzing offers of malicious apps on Google Play for sale on the Darknet, experts have discovered that malicious mobile apps and store developer accounts are being sold for up to $20,000, a new report showed on Tuesday.
Bijay Pokharel,
April 11, 2023
2 min read
MSI Data Breach Exposes Company’s Source Code
Micro-Star International Company Ltd (MSI) suffered a data breach after a ransomware gang claimed it stole files from the PC maker.
Bijay Pokharel,
April 10, 2023
1 min read
Apple Fixes 2 Zero-Day Bugs Exploited To Hack iPhones, Macs
Apple has fixed two new zero-day security vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads, in its latest software update.
Bijay Pokharel,
April 10, 2023
1 min read
Apple Fixes Two Zero-Days Exploited To Hack iPhones And Macs
Tech giant Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads.
Bijay Pokharel,
April 8, 2023
1 min read
US Alcohol Counselling Cos Leaked Over 100k Patients’ Data With Advertisers
Two US-based startups that focussed on counseling alcoholics have been, for years, sharing with advertisers their patients' personal information and health data without their consent, the media reported.
Bijay Pokharel,
April 6, 2023
2 min read
About 52% Of Organisations Suffered Data Breach In Past 2 Years Globally: Report
Over half (52 percent) of organizations have suffered a data breach in the past two years globally, an increase from 49 percent in 2022 and 39 percent in 2021, a new report said on Wednesday.
Bijay Pokharel,
April 5, 2023
2 min read
Criminal Marketplace Disrupted in International Cyber Operation
The Justice Department announced today a coordinated international operation against Genesis Market, a criminal online marketplace that advertised and sold packages of account access credentials – such as usernames and passwords for email, bank accounts, and social media – that had been stolen from malware-infected...
Bijay Pokharel,
April 5, 2023
5 min read
BEWARE: Hackers Exploiting Facebook Verified Pages to Spread Bard AI Malware
Hackers misuse Facebook's verified pages to distribute Bard AI malware and deceive unsuspecting users into downloading malicious software.
Bijay Pokharel,
April 4, 2023
2 min read
Hackers Stole Data In ‘Network Security’ Breach: Western Digital
Data storage leader Western Digital said that cyber-criminals exfiltrated data from its systems during a "network security incident".
Bijay Pokharel,
April 4, 2023
1 min read
The Top 10 Cyber Threats You Need to Know About in 2025
To help you stay protected, we've compiled a list of the top 10 cyber threats you need to know about in 2025.
Bijay Pokharel,
March 30, 2023
4 min read
Biden Bars US Federal Agencies From Using Commercial Spyware
US President Joe Biden has signed an executive order that bars federal agencies from buying third-party commercial spyware like Pegasus that poses significant counterintelligence or security risks to the US government or significant risks of improper use by a foreign government or foreign person.
Bijay Pokharel,
March 28, 2023
2 min read
Apple Fixes Webkit Zero-Day Vulnerability On Older iPhones
Tech giant Apple has released security updates to backport patches released last month, addressing an actively exploited zero-day bug for older iPhones and iPads.
Bijay Pokharel,
March 28, 2023
1 min read
Twitter Acknowledge Parts Of Its Source Code Leaked Online On GitHub
Twitter has admitted that parts of its source code were leaked online on GitHub, and has sent a copyright infringement notice to the open-source coding collaboration platform, the media reported.
Bijay Pokharel,
March 27, 2023
2 min read
Microsoft Releases Update To Fix Screenshot Editing Vulnerability On Windows
Microsoft has released an update to fix a screenshot editing vulnerability in Windows 10 and 11 that allows threat actors to recover modified screenshot sections.
Bijay Pokharel,
March 26, 2023
1 min read
US Authorities Arrest Founder Of World’s Largest Hacker Forum
The US Department of Justice has announced it arrested the founder of BreachForums, the world's largest hacker forum, which operated as a marketplace for cybercriminals to buy, sell, and trade hacked or stolen data and other contraband since March 2022.
Bijay Pokharel,
March 26, 2023
2 min read
WordPress Force Patching WooCommerce Plugin Over Critical Authentication Bypass Vulnerability
WordPress is force installing a security update on hundreds of thousands of websites running the highly popular WooCommerce Payments for online stores.
Bijay Pokharel,
March 24, 2023
2 min read
Multiple Reflected Cross-Site Scripting Vulnerabilities Patches in 3 WordPress Plugins
As with all Reflected Cross-Site Scripting vulnerabilities, these could be leveraged for a complete site takeover as long as an unauthenticated attacker could successfully trick a site administrator into performing an action, such as clicking on a link or visiting a website under the attacker’s...
Bijay Pokharel,
March 23, 2023
3 min read
Hackers Hijacking Facebook Accounts Using Malicious ChatGPT Chrome Extension
This trojanized version, which has accumulated over 9,000 downloads, masquerades as the popular "ChatGPT for Google" add-on that allows ChatGPT integration on search results. However, it contains extra code that targets Facebook session cookies in an attempt to steal Facebook accounts.
Bijay Pokharel,
March 23, 2023
3 min read





