WordPress force installs critical Jetpack patch on 5 million sites
Automattic, the company behind the open-source WordPress content management system, has started force installing a security patch on millions of websites today to address a critical vulnerability in the Jetpack WordPress plug-in. […]
Barracuda zero-day abused since 2022 to drop new malware, steal data
Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers’ Email Security Gateway (ESG) appliances with custom malware and steal data. […]
Microsoft finds macOS bug that lets hackers bypass SIP root restrictions
Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection (SIP) to install “undeletable” malware and access the victim’s private data by circumventing Transparency, Consent, and Control (TCC) security checks. […]