Google fixes actively exploited Chrome zero‑day

The latest Chrome update patches a bumper crop of security flaws across the browser’s desktop versions. Google has rolled out an update for its Chrome web browser to fix a bunch of security flaws, including a zero-day vulnerability that is known to be actively exploited by threat actors. The bugs affect the Windows, macOS, and … More Google fixes actively exploited Chrome zero‑day

Zero‑day in popular WordPress plugin exploited to take over websites

Websites using Fancy Product Designer are susceptible to remote code execution attacks even if the plugin is deactivated. Cybercriminals have been actively exploiting a zero-day vulnerability in Fancy Product Designer, a WordPress plugin used by more than 17,000 websites, according to a blog post by Defiant, which makes Wordfence security plugins for the web publishing platform. Attackers … More Zero‑day in popular WordPress plugin exploited to take over websites

Apple fixes macOS zero‑day bug that let malware take secret screenshots

You would do well to update to macOS Big Sur 11.4 post-haste. Apple has rolled out updates to address a bevy of security flaws, including three zero-day vulnerabilities that are being actively exploited in the wild. Two of the loopholes affect tvOS used for the Apple TV 4k and Apple TV HD offerings, whereas the … More Apple fixes macOS zero‑day bug that let malware take secret screenshots

Colonial Pipeline attack: Hacking the physical world

The attack is a reminder of growing cyberthreats to critical infrastructure while also showing why providers of essential services are ripe targets for cybercriminals. While detractors have argued that threats against physical infrastructure are overstated and largely theoretical, the growing list of organizations that have been successfully attacked suggests otherwise. And now the media is full of … More Colonial Pipeline attack: Hacking the physical world