41 matches found
Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites
Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing...
The Unfriending Truth: How to Spot a Facebook Phishing Scam Before It's Too Late
The Unfriending Truth: How to Spot a Facebook Phishing Scam Before It's Too Late By Mark Joseph Marti · January 12, 2026 Introduction As one of the world's largest social media platforms, with over 3 billion active users, Facebook is a frequent target for phishing scams. Hackers aim to hijack use...
PT-2025-5068 · Lawpress · Lawpress
Name of the Vulnerable Software and Affected Versions: LawPress – Law Firm Website Management versions 1.4.5 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This means an attacker can...
WordPress LawPress plugin <= 1.4.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Mika in WordPress Plugin LawPress – Law Firm Website Management versions = 1.4.5...
serafinilawfirm.com Cross Site Scripting vulnerability OBB-3907082
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
russbakerlawfirm.com Cross Site Scripting vulnerability OBB-3630473
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Uber data theft: Driver info stolen after law firm breached
Uber, yet again, has become a victim of data theft following a third-party breach. This time, threat actors have aimed at the company's law firm, Genova Burns. Data of Uber's drivers may have been swiped during the security incident. According to the letter sent to affected drivers, the firm beca...
law-firm-advertising.com Cross Site Scripting vulnerability OBB-3180617
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bergquistlawfirm.com Cross Site Scripting vulnerability OBB-2941286
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data
By Waqas Rustam Kurmaev and Partners work with the Russian government and other high-profile banking, media, oil, and industrial companies,… This is a post from HackRead.com Read the original post: Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data...
Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies
Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...
raspantilawfirm.com Cross Site Scripting vulnerability OBB-2618316
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
New Scam Utilizing AI-Generated Images to Represent Fake Law Firm
By Deeba Ahmed Hackread.com earlier reported a website designed by software engineer Philip Wang that can create realistic faces of people… This is a post from HackRead.com Read the original post: New Scam Utilizing AI-Generated Images to Represent Fake Law Firm...
WordPress LawPress – Law Firm Website Management plugin <= 1.4.4 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress LawPress – Law Firm Website Management plugin versions = 1.4.4. Solution Update the WordPress LawPress – Law Firm Website Management plugin to the latest available version at least 1.4.5...
inhouselawfirm.nl Improper Access Control vulnerability OBB-2242349
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
FIN7 Liquor Lure Compromises Law Firm with Backdoor
Financial cybercrime gang FIN7 has rebounded after the jailing of some key members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey. The gambit successfully compromised at least one law firm, giving them a shot of the JSSLoade...
Stolen Jones Day Law Firm Files Posted on Dark Web
The Clop ransomware group has reportedly started posting data on the Dark Web apparently stolen from law firm Jones Day, which represents many of the globe’s most powerful people, including former president Donald Trump in his efforts to overturn the 2020 election. But the attack had nothing to d...
Clop ransomware gang leaks Jones Day law firm data on dark web
By Deeba Ahmed A group of cybercriminals known for Clop ransomware operations leaked data stolen from the US-based law firm Jones Day on the Dark Web. This is a post from HackRead.com Read the original post: Clop ransomware gang leaks Jones Day law firm data on dark web...
CWT Travel Agency Faces $4.5M Ransom in Cyberattack, Report
CWT, a giant in the corporate travel agency world with a global clientele, may have faced payment of $4.5 million to unknown hackers in the wake of a ransomware attack. Independent malware hunter @JAMESWT tweeted on Thursday that a malware sample used against CWT formerly known as Carlson Wagonli...
REvil Ransomware Gang Adds Auction Feature for Stolen Data
The REvil ransomware gang also known as Sodinokibi has added an auction feature to its underground website that allows anonymous bidding on information stolen in its targeted ransomware campaigns. The auction capability appeared at the beginning of June, according to an analysis from Cyberint. In...