Bleeping Computer

GhostDNS exploit kit source code leaked to antivirus company

Malware analysts received unrestricted access to the components of GhostDNS exploit kit after the malware package essentially fell into their lap. GhostDNS is a router exploit kit that uses cross-site ...
Searchenginejournal.com

WordPress Nested Pages Plugin High Severity Vulnerability

The U.S. National Vulnerability Database (NVD) and Wordfence published a security advisory of a high severity Cross Site Request Forgery (CSRF) vulnerability affecting the Nested Pages WordPress ...
Dark Reading

Academic Portal Platform Fails Penetration Test

Researchers have discovered two major vulnerabilities in a popular open-source online course management system that would let an attacker take over teacher and site administrator accounts. The Moodle ...
Searchenginejournal.com

WordPress Redux Plugin Vulnerability Affects +1 Million Sites

Redux, a popular WordPress plugin with more than 1 million active installations recently patched a vulnerability. The vulnerability allowed an attacker to bypass security measures in a Cross-Site ...
Dark Reading

'Novidade' Exploit Changes DNS Settings in Home & Small Business Routers

A new exploit spotted by Trend Micro is designed to target small home and office (SOHO) routers, as well as consumer-grade home routers, by changing their internal domain name service (DNS) setting to ...
CSOonline

Like routers, most USB modems also vulnerable to drive-by hacking

The majority of 3G and 4G USB modems offered by mobile operators to their customers have vulnerabilities in their Web-based management interfaces that could be exploited remotely when users visit ...