Cyberattackers Exploiting Critical WordPress Plugin Bug

The Plus Addons for Elementor plugin for WordPress has a critical security vulnerability that attackers can exploit to quickly, easily and remotely take over a website. First reported as a zero-day bug, researchers said it’s being actively attacked in the wild.

Containerd Bug Exposes Cloud Account Credentials

Containerd Bug Exposes Cloud Account Credentials. The flaw (CVE-2020-15157) is located in the container image-pulling process. A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host’s registry or users’ cloud-account credentials.

WordPress: Bugs Detected in Ninja Forms Plugin

Four major bugs in the Ninja Forms plugin for WordPress have been detected. Immediate update is recommended. Avoid using pirated versions of paid plugins at all costs, as they’re the source of most widespread threat to WordPress security.

WordPress 5.6.1 Introduces Bug Into Post and Page Windows

Bug warns publishers from leaving editing window in WordPress 5.6.1. WordPress 5.6.1, which many sites auto-updated to, has introduced a bug that makes it difficult to save a post. A temporary patch has been created to address the issue but it’s not an official update to solve the problem.

COVID-19 Research and Uninitialized Variable

There is an open project, COVID-19 CovidSim Model, written in C++. There is also a PVS-Studio static code analyzer that detects errors very well. One day they met. Let's embrace the fragility of mathematical modeling algorithms and why you need to make every effort to enhance code quality.

WordPress Sites Open to Code injection Attacks Via Welcart E-Commerce Bug

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug. A security vulnerability in the Welcart e-Commerce plugin opens up websites to code injection. This can lead to payment skimmers being installed, crashing of the site or information retrieval via SQL injection, researchers said. The shopping cart application contains a PHP object-injection bug.

RCE 'Bug' Found and Disputed in Popular PHP Scripting Framework

RCE 'Bug' Found and Disputed in Popular PHP Scripting Framework. Versions of the popular developer tool Zend Framework. Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework. RCE bug impacting PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework.

Nvidia Warns Gamers of Severe GeForce Experience Flaws

Versions of Nvidia GeForce Experience for Windows prior to 3.20.5.70 are affected by a high-severity bug that could enable code execution, denial of service and more. The flaw specifically stems from the Nvidia Web Helper NodeJS Web Server.

Newsletter WordPress Plugin Opens Door to Site Takeover

An XSS bug and a PHP object-injection vulnerability are present in a plugin used by hundreds of thousands of websites.

ASUS Home Router Bugs Open Consumers to Snooping Attacks

The two flaws allow man-in-the-middle attacks that would give an attacker access to all data flowing through the router.

Billions of Devices Impacted by Secure Boot Bypass

The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT, IoT and home networks.

StrandHogg 2.0 Critical Bug Allows Android App Hijacking

a malicious app installed on a device can hide behind legitimate apps.

Cisco Webex, Router Bugs Allow Code Execution

Cisco Webex, Router Bugs Allow Code Execution - High-severity flaws plague Cisco's Webex collaboration platform, as well as its RV routers for small businesses.

How to Fixed Bugs in Browser

When you run into a browser bug, what can you do? I’ll give how-to steps ranging from a quick vote on a bug through submitting a test case, all with real-life stories on how effective some extra effort can be