Researchers are warning of flaws in two WordPress plugins – Slick Popup and WP Database Backup – including one that remains unpatched. Go to Source

A top UK government cyber-official has called out the telecom supplier, long suspected to use its infrastructure sales as a base for industrial espionage. Go to Source

A rapidly-expanding campaign has infected 50,000 servers with malware that mines an open source cryptocurrency called TurtleCoin. Go to Source

Amazingco, an events planning firm, exposed 212,220 records with personal data relating to children’s parties, wine tours and more. Go to Source

Researcher discloses vulnerability in macOS Gatekeeper security feature that allows the execution of malicious code on current version of the OS. Go to Source

Researchers have discovered one million devices that are vulnerable to a “wormable” Microsoft flaw, which could open the door to a WannaCry-like cyberattack. Go to Source

New campaigns also show modified versions of known payloads. Go to Source

Bad actors are looking to hit financial and banking firms in Canada with geo-specific campaigns touting malware like Emotet, GandCrab and Ursnif. Go to Source

After a report found that Snap employees were abusing their access to Snapchat data, experts are warning that insider threats will continue to be a top challenge for privacy. Go to Source

New .htaccess injector threat on Joomla and WordPress websites redirects to malicious websites. Go to Source