Category: Cybersecurity News
-
Researchers Discover Malicious Code in WordPress GravityForms Plugin
Recently, analysis by security researchers at Pathstack had uncovered a serious vulnerability affecting the widely-used WordPress plugin, GravityForms. It’s a popular contact form build plugin powering forms on websites (from small blogs to large enterprise) worldwide A Hidden Threat in a Trusted Plugin According to detailed findings from security analysis, certain versions of GravityForms downloaded…
-
A Critical Bluetooth Vulnerability Affects Millions of Vehicles
Cybersecurity researchers at PCA Cyber Security have identified PerfektBlue, a severe vulnerability targeting the BlueSDK Bluetooth framework developed by OpenSynergy. This flaw is widespread, impacting millions of devices, especially in the automotive industry, where it is used in vehicle infotainment systems. PerfektBlue enables attackers to remotely execute malicious code on affected devices with minimal effort…
-
Fortinet Pushes Out Fix for SQL Vulnerability in FortiWeb
Fortinet has released critical security patches for multiple versions of FortiWeb, addressing a high-severity SQL injection vulnerability found by researches at GMO Cybersecurity that could be exploited if left unpatched. If your organization uses FortiWeb for web application firewalling, now is the time to prioritize patching. The vulnerability could have allowed attackers to send specially…
-
ServiceNow Rolls Out Update To Fix Access Control Vulnerability
On July 8, 2025, ServiceNow released a critical security update to address a vulnerability within the Now Platform that could lead to unauthorized access to sensitive data. This issue is related to misconfigurations in the Conditional Access Control Lists (ACLs), which could allow both authenticated and unauthenticated users to infer data they shouldn’t have access…
-
AMD Discloses Microarchitectural Vulnerabilities Affecting Multiple Processor Families
AMD has recently published a security advisory detailing new transient scheduler attacks that could potentially allow attackers to infer sensitive information from affected processors. These vulnerabilities, designated as AMD-SB-7029, pose a medium risk related to confidentiality. What Are These Attacks?The vulnerabilities involve timing-based side channels that exploit microarchitectural behaviors in AMD CPUs, particularly under specific…
-
Malicious Browser Extension Campaign Impacting 2M+ Users
Security researches at Koi Security recently uncovered a significant security breach involving a network of malicious browser extensions that have infected over 2.3 million users across Google Chrome and Microsoft Edge browsers. The campaign exposes vulnerabilities in how major web marketplaces verify and monitor extensions, highlighting the potential for widespread abuse. The research team identified…
-
Adobe Issues Security Fixes for Vulnerabilities Across Several Products
Adobe has released a series of important security updates this week, addressing multiple vulnerabilities that could expose systems to serious risks, including arbitrary code execution, application crashes, and memory leaks. Some of these flaws are particularly severe, and their CVE scores above 9 highlight just how critical it is to update as soon as possible.…
Categories:
Have any comments or suggestions? Feel free to let us know!
