Google fixes Chrome zero-day actively exploited in the wild

Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released today, February 4th, 2020, to the Stable desktop channel for Windows, Mac, and Linux users. "Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild," the Google Chrome 88.0.4324.150 announcement reads. This version is rolling out … Continue reading Google fixes Chrome zero-day actively exploited in the wild

Hacker publishes stolen email and mailing addresses of 270,000 Ledger cryptocurrency wallet users

Details of Ledger hardware wallet customers provides golden opportunity for scammers Scams include threats to break into homes of customers if ransom is not paid The phone numbers, email and postal addresses of over 270,000 owners of the Ledger cryptocurrency hardware wallet have been made freely available for download from a hacking forum. The information, … Continue reading Hacker publishes stolen email and mailing addresses of 270,000 Ledger cryptocurrency wallet users

Critical flaws in Orbit Fox WordPress plugin allows site takeover

Two vulnerabilities in the Orbit Fox WordPress plugin, a privilege-escalation issue and a stored XSS bug, can allow site takeover. Security experts from Wordfence have discovered two security vulnerabilities in the Orbit Fox WordPress plugin. The flaws are a privilege-escalation vulnerability and a stored XSS bug that impacts over 40,000 installs. The Orbit Fox plugin … Continue reading Critical flaws in Orbit Fox WordPress plugin allows site takeover

SolarLeaks site claims to sell data stolen in SolarWinds attacks

A website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack. Last month, it was disclosed that network management company SolarWinds suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers. According to a joint statement issued by the FBI, … Continue reading SolarLeaks site claims to sell data stolen in SolarWinds attacks

Hackers leak stolen Pfizer COVID-19 vaccine data online

The European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online. EMA is a decentralized agency responsible for reviewing and approving COVID-19 vaccines, as well as for evaluating, monitoring, and supervising any new medicines introduced to the EU. "The ongoing investigation of … Continue reading Hackers leak stolen Pfizer COVID-19 vaccine data online