HomeTopics 5Website Security

Website Security

AI & Cybersecurity

CVE‑2025‑7847: Arbitrary File Upload in AI Engine Puts 100K+ WordPress Sites at Risk of RCE

Vulnerability Management

Hackers Actively Exploit Critical RCE in WordPress Alone Theme (CVE-2025-5394)

America

U.S. Treasury Sanctions Aeza Group Bulletproof Russian Bulletproof Hosting Provider in Major Cybercrime Crackdown

DoS & DDoS

Monster 7.3 Tbps DDoS Attack Blocked by Cloudflare in Historic Mitigation

In mid‑May 2025, Cloudflare successfully deflected the largest DDoS attack ever recorded peaking at 7.3 terabits-per-second targeting a hosting provider using its Magic Transit service,...

Breached

Victoria’s Secret Hit by Security Incident: Website, Email, and Operations Disrupted

On 28 May 2025, Victoria’s Secret & Co. suffered a significant security incident that disrupted its digital infrastructure, including website availability, internal email systems,...

Website Security

Unpatched Zero-Day in TI WooCommerce Wishlist Plugin Exposes Over 100K Sites to RCE Risk

A critical unauthenticated file upload flaw in the TI WooCommerce Wishlist plugin, tracked as CVE-2025-47577, remains unpatched leaving over 100,000 WordPress e-commerce sites exposed...

Website Security

CVE‑2025‑4389: Crawlomatic’s Critical File‑Upload Flaw Opens 12,000+ WordPress Sites to One‑Click RCE

A critical vulnerability tracked as CVE‑2025‑4389 (CVSS 9.8) allows unauthenticated attackers to upload any file type including web‑shells via the crawlomatic_generate_featured_image() hook in Crawlomatic Multipage Scraper Post...

Application Security

CVE-2025-2636: Critical Local File Inclusion Flaw in InstaWP Connect Plugin Puts 500K+ WordPress Sites at Risk

A critical vulnerability in InstaWP Connect, a popular WordPress plugin with over 500,000 active installations, has exposed millions of websites to remote code execution...

Application Security

100,000+ WordPress Sites at Risk: Administrative User Creation Vulnerability in SureTriggers Plugin Exposes Critical Weakness

A critical vulnerability has been identified in the popular SureTriggers WordPress plugin, affecting over 100,000 active installations. This vulnerability enables unauthenticated attackers to create...

Application Security

Critical Vulnerability in WordPress Hunk Companion Plugin Exploited to Install Malicious Plugins

In a recent cybersecurity incident, a critical vulnerability in the WordPress Hunk Companion plugin has been exploited by attackers to silently install and activate...

12 3...5 Page 1 of 5

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Must read

Press Release

Nigeria Deports 42 Foreign Cybercriminals After Historic EFCC Raid; 150 More to Follow

PipeMagic Resurfaces: Kaspersky and BI.ZONE Report New Backdoor Activity in GCC and Latin America

Google Play Enforces Stricter Global Licensing Rules for Cryptocurrency Apps

Microsoft Patches 111 CVEs in August 2025 Security Update, Including Critical Azure OpenAI Flaw

Nigeria Deports 42 Foreign Cybercriminals After Historic EFCC Raid; 150 More to Follow

PipeMagic Resurfaces: Kaspersky and BI.ZONE Report New Backdoor Activity in GCC and Latin America

Google Play Enforces Stricter Global Licensing Rules for Cryptocurrency Apps

Microsoft Patches 111 CVEs in August 2025 Security Update, Including Critical Azure OpenAI Flaw

Website Security

CVE‑2025‑7847: Arbitrary File Upload in AI Engine Puts 100K+ WordPress Sites at Risk of RCE

Hackers Actively Exploit Critical RCE in WordPress Alone Theme (CVE-2025-5394)

U.S. Treasury Sanctions Aeza Group Bulletproof Russian Bulletproof Hosting Provider in Major Cybercrime Crackdown

Tenable Names Matthew Brown as Chief Financial Officer, Succeeding Steve Vintz

Chinese National Sentenced to Four Years for Deploying “Kill Switch” on Employer’s Network

SIM-Swapper “Scattered Spider” Hacker Sentenced to 10 Years, Ordered to Pay $13 Million

Nigeria Deports 42 Foreign Cybercriminals After Historic EFCC Raid; 150 More to Follow

Nigeria Deports 42 Foreign Cybercriminals After Historic EFCC Raid; 150 More to Follow

PipeMagic Resurfaces: Kaspersky and BI.ZONE Report New Backdoor Activity in GCC and Latin America

Google Play Enforces Stricter Global Licensing Rules for Cryptocurrency Apps

Microsoft Patches 111 CVEs in August 2025 Security Update, Including Critical Azure OpenAI Flaw

Cybercory Magazine

Latest

Tenable Names Matthew Brown as Chief Financial Officer, Succeeding Steve Vintz

Chinese National Sentenced to Four Years for Deploying “Kill Switch” on Employer’s Network

SIM-Swapper “Scattered Spider” Hacker Sentenced to 10 Years, Ordered to Pay $13 Million

Popular

Tenable Names Matthew Brown as Chief Financial Officer, Succeeding Steve Vintz

Chinese National Sentenced to Four Years for Deploying “Kill Switch” on Employer’s Network

SIM-Swapper “Scattered Spider” Hacker Sentenced to 10 Years, Ordered to Pay $13 Million

Useful Links

Quick Links