Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers. "The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered through phishing emails...

EUVD-2024-46071

Malicious code in bioql PyPI...

CVE-2024-31922

Cross-Site Request Forgery CSRF vulnerability in Anton Aleksandrov WordPress Hosting Benchmark tool.This issue affects WordPress Hosting Benchmark tool: from n/a through 1.3.6...

CVE-2024-52461

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kinsta Infinite Slider infinite-slider allows Reflected XSS.This issue affects Infinite Slider: from n/a through = 2.0.1...

CVE-2024-52461

CVE-2024-52461 corresponds to a Reflected Cross-Site Scripting (XSS) in the WordPress Infinite Slider plugin. Affected: Infinite Slider versions prior to or equal to 2.0.1. Root cause: improper input neutralization during web page generation. Impact is XSS risk on sites using the plugin; CVSS v3....

GPU Hosting and Open Source AI Will Revolutionize or Kill WordPress

On the eve of WordCamp US 2024 we find ourselves in the midst of a revolution. It is perhaps the most profoundly transformative technology revolution our species has experienced in our short history in this Universe. In fundamental terms, since computers have existed we have been programming them...

CVE-2024-31922

Technical details about CVE-2024-31922 are not provided in the supplied documents. Public details (affected product, root cause, patch) are not present here. Monitor for updates from vendors and vulnerability disclosures.

PT-2024-24285 · Unknown · Anton Aleksandrov Wordpress Hosting Benchmark Tool

Name of the Vulnerable Software and Affected Versions: Anton Aleksandrov WordPress Hosting Benchmark tool versions 1.3.6 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in the Anton Aleksandrov WordPress Hosting Benchmark tool. This type of vulnerability allo...

WordPress Hosting Benchmark tool plugin <= 1.3.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WordPress Hosting Benchmark tool versions = 1.3.6...

WordPress WordPress Hosting Benchmark tool Plugin <= 1.3.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software WordPress Hosting Benchmark tool Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31922 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a2d0e78718f9 Credits...