Risk
-
Researchers find HTTP/2 flaw that can trigger rapid denial of service on major servers
Researchers say a new HTTP/2 denial-of-service flaw can hit major web servers, including NGINX, Apache HTTPD and Microsoft IIS. The issue can rapidly exhaust memory and may be difficult to block in default configurations.
-
Critical Kirki flaw lets attackers take over WordPress admin accounts
Hackers are exploiting a critical flaw in the Kirki WordPress plugin to hijack user accounts, including admins, with more than 222 attack attempts blocked in 24 hours, according to Wordfence.
-
WeedHack malware campaign infects more than 116,000 Minecraft systems
A malware campaign called WeedHack has infected more than 116,000 Minecraft systems since January, using fake mods and clients promoted through YouTube and search poisoning to steal credentials and other data.
-
Malicious npm package targets OpenAI Codex users and steals authentication tokens
Researchers say a malicious npm package and related Android apps targeted OpenAI Codex users, stealing local authentication tokens and sending them to an attacker-controlled server, with the package drawing more than 29,000 weekly downloads.
-
WordPress WP Maps Pro flaw under active attack, 2,858 attempts blocked
A critical WP Maps Pro flaw is being actively exploited to create WordPress administrator accounts, with Wordfence blocking 2,858 attacks in 24 hours. The issue affects versions through 6.1.0 and was fixed in 6.1.1.
-
Palo Alto PAN-OS flaw under active exploitation as limited attacks reported
Palo Alto Networks said an authentication bypass in PAN-OS and Prisma Access is under active exploitation, with limited attempts seen against unpatched devices. The flaw can let attackers establish unauthorized VPN connections.
-
ChatGPhish flaw can turn ChatGPT summaries into phishing lures
Researchers disclosed ChatGPhish, a ChatGPT flaw that can render malicious links, images and QR codes inside summaries of web pages. The technique may leak browser details and create a new phishing surface during normal browsing.
-
US watchdog cites NIST for mismanaging vulnerability database, duplicate work
A Commerce inspector general report said NIST mismanaged the National Vulnerability Database, leaving a backlog of more than 27,000 unprocessed flaws and duplicating work with CISA. The agency agreed to fix six problems.
-
Attackers use AI agent after Marimo flaw to raid internal database
An unknown threat actor used an LLM agent after exploiting a Marimo vulnerability to steal cloud credentials, retrieve an SSH key and exfiltrate an internal PostgreSQL database, according to a technical analysis from Sysdig.
-
Dutch authorities take down botnet tied to 17 million infected devices
Dutch authorities have taken offline a botnet of at least 17 million infected devices and seized more than 200 servers in the Netherlands, according to a joint disclosure from the National Cyber Security Centre and police.
