Multiple cross-site scripting (XSS) bugs and an XML external entity (XXE) problem opens the door to takeover of admin desktops. Go to Source

The Department of Homeland Security urged system administrators to update their Windows machines after testing a working BlueKeep exploit for Windows 2000. Go to Source

Researchers at Plugin Vulnerabilities cite grudge and irresponsibly disclose bugs in two WordPress plugins from Facebook. Go to Source

The social platform has suspended six sets of accounts across four jurisdictions for running alleged influence campaigns, including Iran. Go to Source

Students at Oregon State University, Graceland University and Southern Missouri State have all been impacted by email attacks against school employees. Go to Source

Microsoft is urging users to patch every Exim installation in their organization and make sure that they are updated to the most recent version, Exim version 4.92. Go to Source

Attackers are exploiting a Linux Exim critical flaw to execute remote commands, download crypto miners and sniff out other vulnerable servers. Go to Source

Traffic analysis sheds light on weekday habits of attackers such as the most likely day for attacks and how malicious infrastructure is shared. Go to Source

ASCO is the latest headline-making organization to be hit by ransomware, prompting many companies to consider what to do to minimize their risk. Go to Source

Attackers continue to push the boundaries with modular trojans and ransomware attacks, a new report found. Go to Source