Safe Breach Labs cybersecurity experts: The threat actor infects victims via Farsi phishing emails with a PowerShell stealer malware.
Critical vulnerability discovered on “Spam protection, AntiSpam, FireWall” in WordPress. The flaw in the plugin can be used to extract sensitive info from a site’s database, including user emails and password hashes. There is also a PoC
A new vulnerability in WordPress plugins has been discovered: this time it concerns “Spam protection, AntiSpam, FireWall” by CleanTalk. Wordfence cybersecurity experts denounce this. The flaw, known as CVE-2021-24295, could be used to extract sensitive information from a site’s database, including user emails and password hashes, all remotely. Moreover, a Proof of Concept (PoC) is circulating on the web, which explains how to exploit the vulnerability to launch attacks. The manufacturer in recent days has released a patch that solves the problem, it is essential to install it as soon as possible.