How SAST Will Improve Your Overall Security: Intro

Application testing is a process that helps ensure the quality and safety of your software applications, whether the app is for a mobile or desktop device. Of course, it’s easy…

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has…

Fueled by Pandemic Realities, Grinchbots Aggressively Surge in Activity

E-commerce’s proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards and snapping up coveted gifts for outrageously priced resale. The festive season is moving…

Vulnerabilities Found in GOautodial

A cybersecurity researcher has discovered multiple vulnerabilities in an open-source call center software suite used around the world. The Synopsys Cybersecurity Research Center (CyRC) released an advisory today exposing two API…

80K Retail WooCommerce Sites Exposed by Plugin XSS Bug

The Variation Swatches plugin security flaw lets attackers with low-level permissions tweak important settings on e-commerce sites to inject malicious scripts. The plugin “Variation Swatches for WooCommerce,” installed across 80,000…

XSS Vulnerability Patched in Plugin Designed to Enhance WooCommerce

WordFence – Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On November 11, 2021…

Russian language hacking forums warming up to Chinese hackers

Russian cybercrime and hacking forums are opening doors to Chinese and English-speaking threat actors, which so far had been a relatively restricted domain for them. Researchers at threat intelligence firm…

Russian Ransomware Gangs Might be Collaborating with Chinese Hackers

RAMP is a Russian-language forum that debuted in July 2021 and has drawn a lot of interest from researchers and cybercriminals alike. The forum was created on the same domain that…

Russian Cybercrime Forums Open Doors to Chinese-Speakers

Security researchers have started to see a thawing of relations between Russian and Chinese and English-speaking threat actors. The Russian-speaking cybercrime world has…

WooCommerce Extension – Reflected XSS Vulnerability

WordFence – Note: To receive disclosures like this in your inbox the moment they’re published, you can subscribe to our WordPress Security Mailing List. On November 1, 2021…