A significant security vulnerability has been discovered in a popular premium WordPress plugin, WPGateway, with the potential for active exploitation in real-world conditions. This zero-day flaw allows malicious actors to gain complete control over affected WordPress sites, posing a substantial risk to web administrators who utilize this tool. The vulnerability,…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Startup Develops AI Simulations to Combat Cyber Threats Michael Novinson (@MichaelNovinson) • September 19, 2025 Irregular’s CTO Omer Nevo and CEO Dan Lahav (Image: Irregular) Irregular, an AI security lab, has secured $80 million in funding to create test environments…
ESET has reported a likely collaboration between two Russian hacking groups, Turla and Gamaredon, suggesting they were working together in recent cyber operations targeting Ukrainian systems. The speculation arises from their shared affiliations with the Federal Security Service (FSB) of Russia, albeit from different centers within the organization. According to…
Recent investigations have revealed a sophisticated malware campaign deploying a remote access trojan (RAT) called AsyncRAT, utilizing Python payloads and TryCloudflare tunnels for distribution. Forcepoint X-Labs researcher Jyotika Singh indicated that AsyncRAT capitalizes on the async/await programming model, allowing attackers to covertly access and manipulate infected systems, exfiltrate data, and…
10 U.S. States Safeguard 322 Million Internet Users Against $16 Billion in Cybercrime Losses Recent reports highlight significant advancements made by ten U.S. states in their initiative to protect approximately 322 million Internet users from overwhelming cybercrime losses, which have accumulated to an estimated $16 billion. This initiative showcases a…
On Tuesday, Microsoft rolled out security updates addressing a total of 57 vulnerabilities, including six that have been actively exploited in the wild. These updates are particularly crucial for organizations concerned about potential security breaches, as they rectify flaws that could be leveraged by malicious actors. Among the 57 identified…
In a significant cybersecurity development, Sophos has issued a critical patch for its firewall product following the discovery of a severe zero-day vulnerability actively being exploited by cyber attackers. This vulnerability has raised serious concerns for users, as it could lead to unauthorized remote code execution. The issue, identified as…
Fraud Management & Cybercrime, Social Engineering Malware Dissemination Tied to FileFix Campaign Targeting Facebook Users Pooja Tikekar (@PoojaTikekar) • September 18, 2025 A malicious command is embedded in a deceptive upload window. (Image: Acronis/ISMG) A new social engineering operation, dubbed FileFix, has emerged, employing sophisticated techniques to persuade users into…
Major Security Flaw Discovered in Microsoft Azure’s Identity Management System Over the past decade, a significant transition has occurred in how businesses manage their digital infrastructures, shifting from self-hosted servers to cloud services. This change has allowed many organizations to benefit from the advanced security features offered by key cloud…
