Bleeping Computer

Hackers exploit Modular DS WordPress plugin flaw for admin access

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass authentication remotely and access the vulnerable sites with admin-level ...
Bleeping Computer

Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens

Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. KerioControl is a ...
Ars Technica

Hackers exploit VMware vulnerability that gives them hypervisor admin

Microsoft is urging users of VMware’s ESXi hypervisor to take immediate action to ward off ongoing attacks by ransomware groups that give them full administrative control of the servers the product ...