๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
@cibsecurity
25K subscribers
88.4K links
๐Ÿ—ž The finest daily news on cybersecurity and privacy.

๐Ÿ”” Daily releases.

๐Ÿ’ป Is your online life secure?

๐Ÿ“ฉ lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
25K subscribers
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ•ด Pro-Iranian Hacktivists Set Sights on Israeli Industrial Control Systems ๐Ÿ•ด

The hacktivists known as SiegedSec identify ICS targets, but there's no evidence of attacks yet.

๐Ÿ“– Read

via "Dark Reading".
Dark Reading
Pro-Iranian Hacktivists Set Sights on Israeli Industrial Control Systems
The hacktivists known as SiegedSec identify ICS targets, but there's no evidence of attacks yet.
302 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ•ด The Need for a Cybersecurity-Centric Business Culture ๐Ÿ•ด

Building a culture of cybersecurity is achievable by acknowledging its importance and consistently reinforcing that message.

๐Ÿ“– Read

via "Dark Reading".
Dark Reading
The Need for a Cybersecurity-Centric Business Culture
Building a culture of cybersecurity is achievable by acknowledging its importance and consistently reinforcing that message.
282 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ™Ÿ๏ธ The Fake Browser Update Scam Gets a Makeover โ™Ÿ๏ธ

One of the oldest malware tricks in the book -- hacked websites claiming visitors need to update their Web browser before they can view any content -- has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain.

๐Ÿ“– Read

via "Krebs on Security".
Krebs on Security
The Fake Browser Update Scam Gets a Makeover
One of the oldest malware tricks in the book -- hacked websites claiming visitors need to update their Web browser before they can view any content -- has roared back to life in the past few months. New research showsโ€ฆ
269 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45072 โ€ผ

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kardi Order auto complete for WooCommerce plugin <=ร‚ 1.2.0 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
223 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-46007 โ€ผ

Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_staff.php.

๐Ÿ“– Read

via "National Vulnerability Database".
216 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-32087 โ€ผ

Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with task creation

๐Ÿ“– Read

via "National Vulnerability Database".
224 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45070 โ€ผ

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 10Web Form Builder Team Form Maker by 10Web รขโ‚ฌโ€œ Mobile-Friendly Drag & Drop Contact Form Builder plugin <=ร‚ 1.15.18 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
262 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-46005 โ€ผ

Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_branch.php.

๐Ÿ“– Read

via "National Vulnerability Database".
245 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45065 โ€ผ

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin <=ร‚ 1.42 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
203 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45071 โ€ผ

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in 10Web Form Builder Team Form Maker by 10Web รขโ‚ฌโ€œ Mobile-Friendly Drag & Drop Contact Form Builder plugin <=ร‚ 1.15.18 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
218 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45073 โ€ผ

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Koch Mendeley Plugin plugin <=ร‚ 1.3.2 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
231 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-32088 โ€ผ

Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation

๐Ÿ“– Read

via "National Vulnerability Database".
248 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-31217 โ€ผ

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in MyTechTalky User Location and IP plugin <=ร‚ 1.6 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
251 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-46004 โ€ผ

Sourcecodester Best Courier Management System 1.0 is vulnerable to Arbitrary file upload in the update_user function.

๐Ÿ“– Read

via "National Vulnerability Database".
268 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45067 โ€ผ

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <=ร‚ 2.1 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
302 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-46006 โ€ผ

Sourcecodester Best Courier Management System 1.0 is vulnerable to SQL Injection via the parameter id in /edit_user.php.

๐Ÿ“– Read

via "National Vulnerability Database".
381 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-32089 โ€ผ

Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with Pin description

๐Ÿ“– Read

via "National Vulnerability Database".
397 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45608 โ€ผ

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Nicola Modugno Smart Cookie Kit plugin <=ร‚ 2.3.1 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
339 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿฆฟ What Australian IT Leaders Need to Focus on Ahead of Privacy Act Reforms ๐Ÿฆฟ

The Australian federal government aims to deliver changes to privacy laws in 2024. Organisations are being warned to prepare ahead of time by creating a comprehensive map of organisational data.

๐Ÿ“– Read

via "Tech Republic".
TechRepublic
What Australian IT Leaders Need to Focus on Ahead of Privacy Reforms
Australian organisations can prepare for privacy law changes from the government by creating a comprehensive map of organisational data.
348 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45607 โ€ผ

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Hector Cabrera WordPress Popular Posts plugin <=ร‚ 6.3.2 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
310 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-45630 โ€ผ

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery รขโ‚ฌโ€œ Image and Video Gallery with Thumbnails plugin <=ร‚ 2.0.3 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
311 views