Recent intelligence has identified that malicious actors are actively exploiting a severe security vulnerability in the WooCommerce Payments WordPress plugin. This flaw is part of a large-scale, targeted campaign that threatens numerous websites reliant on the plugin. The vulnerability, identified as CVE-2023-28121 with a CVSS score of 9.8, is classified…
Recent findings from security researchers have unveiled a novel malware strain capable of infecting systems with either a cryptocurrency miner or ransomware, depending on configuration settings that dictate the most profitable scheme. This dual-functionality indicates a strategic evolution in cybercriminal tactics, aiming to optimize revenue generation through diverse exploitation methods.…
Former Hacker’s Journey: From Crime to Cybersecurity Advocate In a recent statement, a once notorious black hat hacker shared insights into his transformation after serving his prison sentence. “When I was involved in hacking, I felt isolated and paranoid. However, working with ethical hackers has given me a sense of…
In a significant cybersecurity incident, 000Webhost, one of the leading providers of free web hosting services worldwide, has experienced a data breach that has compromised the personal information of over 13.5 million customers. The breach has exposed sensitive data including usernames, plaintext passwords, email addresses, IP addresses, and last names.…
The hacking group ShinyHunters has allegedly leaked millions of records from SoundCloud and Crunchbase following unsuccessful extortion attempts, potentially indicating a connection to an Okta vishing campaign. ShinyHunters, a notorious cybercriminal collective, has resurfaced in the cybersecurity news landscape. The group has launched a leak site on the dark web,…
In a recent development that has raised alarms in cybersecurity circles, Under Armour has reportedly fallen victim to a significant data breach. This incident has drawn considerable attention due to the potential vulnerability of sensitive customer information, raising critical concerns for both the affected individuals and business owners across the…
Each month, Cybersixgill’s threat experts provide insights into the latest tactics, techniques, and procedures employed by cybercriminals. Their reports shed light on emerging threats from the underground, detailing the actors involved and offering guidance on risk mitigation strategies. Regular updates on vulnerabilities, ransomware, and malware trends from the deep and…
Recent investigations have revealed an intriguing twist in the cybersecurity landscape: even hackers can become victims. Security researchers have identified that a significant proportion of LokiBot malware circulating online are altered copies of the original variant. This discovery raises new concerns regarding the integrity of cybersecurity threats and highlights the…
In a significant cybersecurity incident, a database containing 149 million account usernames and passwords has been taken down after a researcher alerted the hosting provider. This extensive dataset included 48 million Gmail accounts, 17 million Facebook accounts, and about 420,000 for the cryptocurrency platform Binance, among others. The discovery was…