Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
An attack over the weekend unsuccessfully targeted 1.3 million WordPress websites, in attempts to download their configuration files and harvest database credentials.
Vulnerabilities
Critical SAP ASE Flaws Allow Complete Control of Databases
Researchers warn of critical flaws in SAP’s Sybase Adaptive Server Enterprise software.
Two Critical Android Bugs Open Door to RCE
Google and Qualcomm both addressed significant vulnerabilities in their June updates.
Cisco has patched a high-severity flaw that could lead to denial-of-service attacks on its Nexus switch lineup.
The zero-day vulnerability tracked as CVE-2020-9859 is exploited by the “Uncover” jailbreak tool released last week.
Apple has fixed a critical flaw in its Sign in with Apple feature, which could have been abused by attackers to takeover victims’ third-party applications.
The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability.
The DDoS group sets itself apart by using exploits — but it doesn’t always pan out.
Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.
Microsoft has warned on a new breed of patient ransomware attacks that lurk in networks for weeks before striking.
