Wordfence Intelligence Weekly WordPress Vulnerability Report (July 14, 2025 to July 20, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our 'High Threat' list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 30, 2025 to July 6, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Spring into Summer with Wordfence! Now through August 4, 2025, earn 2X bounty rewards forall in-scope submissions from our 'High Threat' list in software with fewer than 5 million active installs. Bounties up to $31,200 per...

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 19, 2025 to May 25, 2025)

In case you missed it, Wordfence just published itsannual WordPress security report for 2024. Read it now to learn more about the evolving risk landscape of WordPress so you can keep your sites protected in 2025 and beyond. Last week, there were 164 vulnerabilities disclosed in 111 WordPress...

Compliance Insights: How to Stop Lateral Movement and Boost Authorization

Stop lateral movement before it starts. Learn how to meet security compliance regulations with layered security, microsegmentation, and smart API protection...

Bolster Your Regulatory Compliance with Layered Security Measures

...

Exploit for Improper Authentication in Wpdeveloper Essential_Addons_For_Elementor

🔐 CVE-2023-32243 – Detection and Mitigation in WordPress 📘...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 17, 2025 to March 23, 2025)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

Uncovering the Latest Tactics of the SideWinder APT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SideWinder APT group uses advanced tactics like spear-phishing, DLL side-loading & more. A new server-side polymorphism technique, highlighting the need for multi-layered security measures. To receive...

Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels

Critical infrastructure attacks are a preferred target for cyber criminals. Here's why and what's being done to protect them. What is Critical Infrastructure and Why is It Attacked? Critical infrastructure is the physical and digital assets, systems and networks that are vital to national securit...

Best practices for adding layered security to Azure security with Check Point’s CloudGuard IaaS

The cloud is changing the way we build and deploy applications. Most enterprises will benefit from the cloud’s many advantages through hybrid, multi, or standalone cloud architectures. A recent report showed that 42 percent of companies have a multi-cloud deployment strategy. The advantages of th...

Microsoft Windows JET Database Engine CVE-2019-0906 Remote Code Execution Vulnerability

Description Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10...

Four Steps to Becoming a Threat Hunter

Roles in cybersecurity have evolved to now include the title of “Threat Hunter”. It sounds cool, but I’m sure many of you are wondering what it really means and how it is different from the job you’ve been doing. Up until now, most of us have performed a job more akin to “Threat Wrangler”. Once...

Four Ways Layered Security Will Improve Your Detection and Response

It’s widely understood by cybersecurity professionals today that it’s no longer a case of if your organization gets attacked online but when. Trend Micro blocked more than 20.4 billion threats in the first half of 2018 alone, and the ready availability of “as-a-service” toolkits will continue to...

Video: Bishop Fox on Device Threats and Layered Security

Threatpost talked to Christie Terrill, partner at Bishop Fox, about the top trends and security issues that were discussed at Black Hat USA in Las Vegas this month...

Trend Micro Protects VMware on Amazon Web Services

Organizations are taking advantage of changes in computing technology to position themselves for a more agile future. Technology leaders and architects see value beyond the data center with new public cloud models and are keen on adopting hybrid infrastructure approaches to their compute...

Trend Micro TippingPoint 8400TX Threat Protection System Receives “Recommended” Rating from NSS Labs

Organizations today are faced with an unenviable task: meeting market demands for continuous innovation and growth while keeping key systems and data safe from a growing range of cyber threats. To add to this already monumental task, it must all be done without disrupting network performance or...

Building a Security Risk Management Program

The frequency of data breaches today highlights the need to peel back the onion on security programs and identify a laser-focused mission and ultimate goal. As a compliance manager, I know the horror stories first hand. Let’s take a deeper dive into security and risk management basics to enable...

Microsoft Office CVE-2016-7236 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Symantec Ghost Solution Suite Memory Corruption

SUMMARY Symantecs Ghost Solution Suite is susceptible to memory corruption issues that could result in an application denial of service or possibly arbitrary code execution. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Ghost Solution Suite | 2.x | Upgrade to the latest...

Oracle Secure Backup's observiced.exe Denial Of Service vulnerability

Oracle Secure Backup's observiced.exe Denial Of Service vulnerability 2009.January.13 Fortinet's FortiGuard Global Security Research Team Discovers a vulnerability in observiced.exe of Oracle Secure Backup Summary: ======== A Denial Of Service vulnerability exists Oracle Secure Backup 10.2.0.2...