account security
-
Security Flaw in Forminator Plugin Puts Over 600,000 WordPress Sites at Risk
The Forminator plugin for WordPress, used on over 600,000 sites, has a high-severity vulnerability (CVE-2025-6463) that could allow attackers to execute arbitrary file deletions, potentially leading to complete site takeovers. Users are urged to update to the latest version or disable the plugin immediately to avoid exploitation.
-
Security Researchers Warn of Bluetooth Vulnerabilities in Popular Headphones
Security researchers have identified vulnerabilities in Airoha’s Bluetooth products, putting a wide range of earbuds and headphones at risk of unauthorized access and control. Airoha has provided fixes, but manufacturers must implement updates to secure their devices.
-
Glasgow City Council Suffers Major Cyberattack, Services Disrupted
Glasgow City Council is reeling from a major cyberattack that has disrupted its digital services since June 19, 2025, with investigations underway to ascertain the extent of the breach and potential data exposure.
-
Meta Expands Passkey Support to Facebook for Enhanced Security
Meta Platforms is enhancing security for Facebook users by introducing passkey support, a next-generation authentication method designed to be easier and more secure than traditional passwords. This feature will also integrate with Meta Pay for seamless online transactions.
-
CISA Warns of Critical Vulnerability in TP-Link Routers Amid Active Exploitation
CISA has identified a critical vulnerability in TP-Link routers, urging users to take immediate action as evidence of active exploitation emerges. The agency’s guidelines are designed to mitigate the risks associated with this command injection vulnerability, affecting multiple router models.
-
Security Researchers Expose 40,000 Unprotected IoT Cameras, Raising Espionage Concerns
Researchers from Bitsight have exposed serious vulnerabilities in the security of around 40,000 internet-connected cameras globally, raising concerns over espionage and privacy for sensitive locations across the United States.
-
Google Addresses Vulnerability Exposing Users’ Phone Numbers
A vulnerability in Google’s account recovery process allowed researchers to brute-force phone numbers linked to accounts, posing a significant risk of phishing and SIM-swapping attacks, now patched by the tech firm.
-
Security Risks Emerge from Popular Chrome Extensions Transmitting User Data in Plaintext
Prominent Chrome extensions are under scrutiny as security experts highlight that several have been found transmitting sensitive data unencrypted over HTTP, raising significant privacy concerns. Users are urged to reconsider using these extensions until developers address security flaws.
-
Cisco Issues Urgent Patches for Critical Vulnerabilities in Cloud Services
Cisco has issued patches for critical vulnerabilities in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP), warning of potential exploits that could allow unauthorized access and disruption of services in cloud deployments.
-
Hewlett Packard Enterprise Issues Critical Security Warning for StoreOnce Backup Solutions
Hewlett Packard Enterprise has issued a security warning regarding eight vulnerabilities in its StoreOnce backup solutions, including a critical authentication bypass flaw that could allow for exploitation of other vulnerabilities.
