admin

admin

  • Joined: September 10, 2024
  • Articles: 4624

Over 100,000 WordPress Sites Vulnerable to Critical CVSS 10.0 Flaw in TI WooCommerce Wishlist Plugin

May 29, 2025 Vulnerability / Website Security

Cybersecurity experts have revealed a severe, unpatched security vulnerability affecting the TI WooCommerce Wishlist plugin for WordPress. This flaw can be exploited by unauthenticated attackers to upload arbitrary files. The TI WooCommerce Wishlist, with over 100,000 active installations, allows e-commerce customers to save their favorite products and share their lists on social media.

According to Patchstack researcher John Castro, “The plugin is susceptible to an arbitrary file upload vulnerability, enabling attackers to upload malicious files to the server without any authentication.” Identified as CVE-2025-47577, this vulnerability has a CVSS score of 10.0 and affects all versions up to and including 2.9.2, released on November 29, 2024. Currently, no patch is available. The website security firm pointed out that the vulnerability is linked to a function called “tinvwl_upload_file_wc_fields_factory,” which utilizes another native WordPress…

Over 100,000 WordPress Sites Vulnerable Due to Critical Flaw in Wishlist Plugin May 29, 2025 Vulnerability / Website Security A significant cybersecurity threat has emerged involving a critical security vulnerability in the TI WooCommerce Wishlist plugin for WordPress. Currently used…

Pakistani Hackers Deploy Linux Malware “Poseidon” to Target Indian Government Entities

April 19, 2023
Linux / Malware

The Pakistan-based advanced persistent threat (APT) group known as Transparent Tribe has exploited a two-factor authentication (2FA) tool utilized by Indian government agencies to introduce a new Linux backdoor dubbed Poseidon. According to Uptycs security researcher Tejaswini Sandapolla, “Poseidon serves as a second-stage malware payload linked to Transparent Tribe. It functions as a versatile backdoor, enabling attackers to perform a variety of malicious actions such as logging keystrokes, capturing screenshots, and managing system files remotely.” Transparent Tribe, also identified as APT36, Operation C-Major, PROJECTM, and Mythic Leopard, has a history of targeting Indian governmental bodies, military personnel, defense contractors, and educational institutions. This group frequently utilizes trojanized versions of legitimate software to carry out its attacks.

Pakistani Hackers Employ Linux Malware “Poseidon” to Compromise Indian Government Networks On April 19, 2023, cybersecurity researchers reported that a prominent threat actor from Pakistan, known as Transparent Tribe, has utilized a fraudulent two-factor authentication (2FA) tool to deploy a…

China-Linked Hackers Target SAP and SQL Server Vulnerabilities in Attacks Across Asia and Brazil

May 30, 2025
Vulnerability / Threat Intelligence

A China-linked threat group has been identified as the source of recent attacks exploiting a critical security flaw in SAP NetWeaver, part of a larger campaign against organizations in Brazil, India, and Southeast Asia that began in 2023. According to Trend Micro security researcher Joseph C. Chen, the attackers primarily exploit SQL injection vulnerabilities in web applications to infiltrate SQL servers of targeted entities. “The actor also leverages various known vulnerabilities to compromise public-facing servers,” Chen noted in a recent analysis. Key targets have included Indonesia, Malaysia, the Philippines, Thailand, and Vietnam. Trend Micro is tracking this activity under the name Earth Lamia, which shows some overlap with threat clusters reported by Elastic Security Labs as REF0657, Sophos as STAC6451, and Palo Alto Networks’ Unit 42.

China-Linked Hackers Exploit Vulnerabilities in SAP and SQL Server Across Asia and Brazil May 30, 2025 In a concerning development for global cybersecurity, a China-linked threat actor has been identified as the driving force behind a significant exploitation of a…

Streamlining Zero Trust in Healthcare: Implementing Dynamic Policy Enforcement Through Risk Assessment Without Redesigning Networks

April 24, 2025
IoT Security / Zero Trust

The Shifting Landscape of Cybersecurity in Healthcare

In 2025, healthcare organizations are grappling with unparalleled cybersecurity threats. As operational technology (OT) environments come under increasing attack and the integration of IT and medical systems expands the potential for breaches, traditional security measures are falling short. Recent data reveals that the healthcare sector faced a record number of data breaches in 2024, compromising over 133 million patient records. The financial implications are severe, with the average cost of a healthcare data breach soaring to $11 million, making it the industry with the highest breach costs.

The tactics of cybercriminals have evolved significantly; they are now focused on compromising the very devices that provide patient care, rather than just stealing patient records. The risk has intensified, with ransomware accounting for 71% of attacks on healthcare organizations, resulting in an average operational downtime of 11 days per incident.

Automating Zero Trust in Healthcare: Enhancing Security Through Dynamic Policy Enforcement Without Overhauling Networks As of April 24, 2025, the cybersecurity landscape within the healthcare sector is facing increasingly complex challenges. Healthcare organizations are grappling with significant threats exacerbated by…

Qualcomm Resolves Three Zero-Day Vulnerabilities Targeting Android Devices Through Adreno GPU

June 02, 2025
Spyware / Vulnerability

Qualcomm has released security updates to address three zero-day vulnerabilities that have been exploited in limited, targeted attacks. These flaws, responsibly disclosed by the Google Android Security team, include:

  • CVE-2025-21479 and CVE-2025-21480 (CVSS score: 8.6): Two incorrect authorization vulnerabilities in the Graphics component that could lead to memory corruption due to unauthorized command execution in GPU microcode during specific command sequences.

  • CVE-2025-27038 (CVSS score: 7.5): A use-after-free vulnerability in the Graphics component that may result in memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

According to Qualcomm’s advisory, the Google Threat Analysis Group has indicated that CVE-2025-21479, CVE-2025-21480, and CVE-2025-27038 might be under limited, targeted exploitation. Patches have been issued to resolve the vulnerabilities affecting the Adreno graphics architecture.

Qualcomm Addresses Critical Security Flaws Exploited in Targeted Android Attacks On June 2, 2025, Qualcomm announced the release of vital security updates aimed at mitigating three zero-day vulnerabilities that have reportedly been leveraged in targeted attacks against Android devices. These…

Large-Scale Campaign Exploits Kubernetes RBAC for Cryptocurrency Mining

In a recently uncovered attack campaign, Kubernetes (K8s) Role-Based Access Control (RBAC) vulnerabilities have been exploited to establish backdoors and deploy cryptocurrency miners. Cloud security firm Aqua reported that attackers utilized DaemonSets to commandeer resources within targeted K8s clusters. Dubbed “RBAC Buster,” the campaign has reportedly infiltrated 60 unprotected K8s clusters. The attack began with the exploitation of a misconfigured API server, followed by a search for competing miner malware, and the establishment of persistence through RBAC adjustments. Aqua noted that the attacker created a new ClusterRole with almost admin-level permissions and set up a ‘ServiceAccount’ named ‘kube-controller’ in the ‘kube-system’ namespace.

Kubernetes RBAC Vulnerability Exploited in Major Cryptocurrency Mining Campaign On April 21, 2023, cybersecurity firm Aqua reported a large-scale attack exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to establish backdoors and execute cryptocurrency mining operations. This operation, named “RBAC Buster,”…