sites
-
Blog
Malware campaign ‘DollyWay’ breached 20,000 WordPress sites
A malware operation dubbed ‘DollyWay’ has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites. The campaign has evolved significantly in the past eight years, leveraging advanced evasion, re-infection, and monetization strategies. According to GoDaddy researcher Denis Sinegubko, DollyWay has been functioning as a large-scale scam redirection system in its latest version (v3). However, in…
Read More » -
Blog
YouTube will soon restrict creators from mentioning certain online gambling sites
YouTube is tightening its policies on gambling content. The platform has announced that it will soon prohibit creators from verbally referring to gambling services not approved by Google, as well as displaying their logos and linking to them in videos. The new rules, which go into effect on March 19th, may also put age restrictions on videos about online gambling.…
Read More » -
Blog
The Best Sites to Find Affordable Dupes
We may earn a commission from links on this page. We’ve all been there: You find the perfect product, the chair or skin cream that will solve all your problems through the liberal application of capitalism—but it doesn’t fit into your budget. You have three choices: You can spend the next few months (years?) saving diligently toward the glorious day…
Read More » -
Blog
Hundreds of fake Reddit sites push Lumma Stealer malware
Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware. On the fake pages, the threat actor is abusing the Reddit brand by showing a fake discussion thread on a specific topic. The thread creator asks for help to download a specific tool, another user offers to help…
Read More » -
Blog
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. The W3 Total Cache plugin uses multiple caching techniques to optimize a website’s speed, reduce load times, and generally improve its SEO ranking. The flaw is tracked as CVE-2024-12365 despite the developer releasing…
Read More » -
Blog
WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites
A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. Researchers at webscript security company c/side discovered during an incident response engagement for one of their clients that the malicious activity uses the wp3[.]xyz domain to exfiltrate data but have yet to determine the initial infection vector. After compromising a…
Read More » -
Blog
Europe Selects Sites for Seven AI Factories
Europe has selected the sites for seven “AI factories” — specialised research and development centres using the region’s most powerful supercomputers. The factories will be based in Finland, Germany, Greece, Italy, Luxembourg, Spain, and Sweden. The interconnected network of factories will drive advancements in AI applications across various sectors in the E.U., including health, manufacturing, energy, climate, and finance. It…
Read More » -
Blog
Europol just took down 27 DDoS-for-hire sites
With the festive period traditionally a time for hackers to mount Distributed Denial-of-Service (DDoS) attacks, Europol has moved to preempt them with a sweeping takedown campaign. The agency has seized 27 of the most popular platforms, known as booter and stresser websites, used to carry out these attacks. These include zdstresser.net, orbitalstress.net, and starkstresser.net. Three administrators have been arrested in…
Read More » -
Blog
WPForms bug allows Stripe refunds on millions of WordPress sites
A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. Tracked under CVE-2024-11205, the flaw was categorized as a high-severity problem due to the authentication prerequisite. However, given that membership systems are available on most sites, exploitation may be fairly easy in most cases. The…
Read More » -
Blog
AWS opens physical sites for fast data uploads – but it could cost you up to $500 an hour
Amazon Web Services (AWS) customers will soon be able to book time slots at physical locations to connect their storage devices and upload data to the cloud. Data can be uploaded to any AWS endpoint, including Amazon S3, Amazon Elastic File System (Amazon EFS), or others, using a high throughput connection of up to up to 400Gbps. Each AWS Data…
Read More »