The AI Engine plugin for WordPress, with over 50,000 active installations, has a critical security vulnerability that allows unauthorized users to upload arbitrary files, posing a significant risk to websites that use the plugin.
The cybersecurity sector experienced a significant increase in transactions in 2023, with a focus on early-stage initiatives, but total investment raised decreased by 40% compared to the previous year.
A cyberattack carried out by a group called Jund al-Rab targeted Beirut’s international airport, defacing departure and arrival screens and disrupting the baggage handling system, highlighting the intersection of cyber warfare and traditional military actions in modern conflicts.
The US National Institute of Standards and Technology (NIST) has released a comprehensive report addressing the security and privacy challenges associated with adversarial machine learning attacks on AI systems, highlighting the risks and vulnerabilities in the development and deployment of AI systems and calling for better defenses to protect against these threats.
The Synopsys Cybersecurity Research Center has identified a critical SQL injection vulnerability in the Cacti Monitoring Tool, enabling unauthorized access to the database and potential remote code execution.
State-supported cyber espionage group Sea Turtle, believed to be operating in alignment with Turkish interests, has recently resurfaced after being undetected since 2020, targeting organizations in Europe and the Middle East with DNS hijacking, supply chain attacks, and island-hopping attacks to gather personal information for surveillance and intelligence purposes.
