25 matches found
A week in security (May 4 – May 10)
Last week on Malwarebytes Labs: Microsoft says Edge’s plaintext password behavior is "by design"; ShinyHunters escalates Canvas attacks with school login defacements; Massive AI investment scam network spans 15,500 domains; If a fake moustache can fool age checks, is the Online Safety Act working?...
Update, March 13: Talos on the developing situation in the Middle East
Update history

Date | Description of updates
---|---
March 13, 2026 | Talos' assessment of the cyber attack on Stryker and the elevated threat landscape. Key findings and background on Handala, the Iranian-linked threat group.
March 10, 2026 | Updated guidance and recommendations, IOCs, and...
Predicting 2026
Welcome to this week's edition of the Threat Source newsletter. It's become traditional at this time of year to make predictions about cybersecurity for the coming year. Obviously, no one has a crystal ball to predict the future, and if they did, they would be quietly making a fortune rather than...
Yet Another Diminishing Spark: Low-Level Cyberattacks in the Israel-Gaza Conflict
We report empirical evidence of web defacement and DDoS attacks carried out by low-level cybercrime actors in the Israel-Gaza conflict. Our quantitative measurements indicate an immediate increase in such cyberattacks following the Hamas-led assault and the subsequent declaration of war. However,...
Activist Hackers Are Racing Into the Israel-Hamas War—for Both Sides
Since the conflict escalated, hackers have targeted dozens of government websites and media outlets with defacements and DDoS attacks, and attempted to overload targets with junk traffic to bring them down...
Add Client function is vulnerable to stored HTML injection
Description: HTML injection, also termed “virtual defacement”, is one of the simplest and most common vulnerabilities. It arises when the web page fails to sanitize user-supplied input or validate the output, which allows the attacker to craft his payloads and inject the malicio...
Content Spoofing
rdiffweb is vulnerable to content spoofing. An attacker can deliver professionally crafted visual defacements to the right recipients convincingly and provide misleading information to the victims due to improper processing and rendering of user-supplied inputs...
Indian Govt Orders Organizations to Report Security Breaches Within 6 Hours to CERT-In
India's computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. "Any service provider,...
JFrog: Impersonation attack via Broken link in "blog-author" page
A social media platform link of "Twitter" on https://jfrog.com/blog-author/john-peterson/ was broken and could've allowed a user to impersonate a reseller and attack / scam your customers. This happened because the Twitter account was either deleted or had its username changed. I thought I'd report ...
WordPress 4.7.3 Patches Half-Dozen Vulnerabilities
WordPress released a security update on Tuesday that patched a half-dozen bugs, including one that could be chained with the recent REST API Endpoint flaw that led to a million website defacements. Given that the bug was introduced in WordPress 4.7 and the availability of a patch that backports...
IC3 Releases Alert on Web Site Defacements
The Internet Crime Complaint Center (IC3) has issued an alert addressing recently perpetrated Web site defacements. The defacements advertise themselves as associated with the Islamic State in the Levant (ISIL), a.k.a. Islamic State of Iraq and al-Shams (ISIS). However, FBI assesses that the perpetrator...
zone_h
This plugin searches the zone-h.org defacement database and parses the result. The information stored in that database is useful to know about previous defacements to the target website. In some cases, the defacement site provides information about the exploited vulnerability, which may be still...
Supreme Court of Pakistan website defaced by Zombie_Ksa
The official website of Pakistan's Supreme Court has been hacked. Visitors to the website found derogatory and abusive remarks about the court and Chief Justice Iftikhar Muhammad Chaudhry. Earlier the Supreme Court website was hacked by two bo...
3 websites hacked by Indian Girl Hacker - TriNitY !
Until now we have only heard about boy hackers doing hacks and site defacements. But wait! Here we have an Indian girl with the codename "TriNitY". TriNitY is, I think, the 1st Indian hacker who is in the news for defacing some websites. The list of...
Indian Cyber Army Hacks OGRA Website in Retaliation
In a troubling trend of tit-for-tat website defacements, a group of Indian hackers known as the ‘Indian Cyber Army’ hacked the Oil & Gas Regulatory Authority (OGRA) website (www.ogra.org.pk) on Saturday. The website was later restored by the site administrators. The message left on the OGRA page stat...
PROJECT JAI HIND : 26/11 Revenge Defacements by Indishell (400 Websites)
Hacked sites list: Check Here. More sites will be listed soon. If you have the full list, then inform us on Facebook!
Meher Assel (NeT-Own3r) Tunisian Hacker do 9,856 mass defacements
Meher Assel (NeT-Own3r), a Tunisian hacker, is one of the great hackers. He has done almost 9,856 defacements. Zone-H Records:
PHP hosting Biller
Application: PHP HOSTING BILLER
Web Site: http://www.jnshosts.com/phphostingbiller.php
Versions: 1.0
Platform: linux, windows, freebsd, sun
Bug: Cross-site scripting (XSS)
Fix Available: No
-------------------------------------------------------
1 Introduction 2 Bug 3 The Code 4 Fix 5 About Serapis...
fuzzylime (forum) XSS
Application: fuzzylime Forum
Web Site: http://forum.fuzzylime.co.uk/st/front/index/
Versions: 1.01b and below
Platform: linux, windows, freebsd, sun
Bug: Cross-site scripting (XSS)
Fix Available: Yes
Advisory File: http://www.secvsn.com/content/Advisories/sr-180607-fuzzy.html...
maran-xss.txt
Application: Maran Blog
Web Site: http://www.maran.pamil-visions.com/maranblog.php
Versions: no Version numbers could be found.
Platform: linux, windows, freebsd, sun
Bug: Cross-site scripting (XSS)
Fix Available: Yes
Advisory File: http://www.secvsn.com/content/Advisories/sr-060607-maran.html...