Arbitrary script injections possible with WP-Members plugin flaw
More than 60,000 WordPress sites with the WP-Members Membership Plugin could be compromised with arbitrary script injections due to a high-severity cross-site scripting vulnerability, tracked as CVE-2024-1852, reports SecurityWeek.
Unified open source standards for EU Cyber Resilience Act compliance mulled
More stringent security controls under the European Union's Cyber Resilience Act have resulted in a new partnership between the Apache Software Foundation, OpenSSL Software Foundation, Eclipse Foundation, and four other open source foundations to...
Ibis Budget hotels across Europe had keypad codes that could be leveraged for room entry exposed due to a security flaw impacting its self check-in kiosks, SecurityWeek reports.
Attack against UK city council admitted by INC Ransom
Ongoing compromise of the UK's Leicester City Council that began in early March has been claimed by the INC Ransom extortion operation, which admitted in a post on its leak site to have stolen 3 TB of data from the city council before immediately...
Why the FCC’s cybersecurity labeling program benefits IoT systems
A voluntary labeling program offers dividends at home and abroad and will secure the IoT ecosystem across important verticals such as energy, healthcare, and manufacturing.
Indian nationals subjected to cybercrime slavery repatriated
Nearly 250 Indian nationals who were forced into performing cyber fraud schemes in Cambodia have already been repatriated by the Indian government, according to The Hacker News.