BleepingComputer.com

"Critical zero-days impact premium Wordpress real estate plugins."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 23 January 2025, 1318 UTC.

Content and Source:   https://www.bleepingcomputer.com/

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Latest Articles

• 
   
  Deals

  Automate administrative work with $20 Windows PowerShell training

  This 2025 Windows PowerShell certification training bundle is your key to automating those mind-numbing tasks and freeing you up to focus on more strategic work. For $19.99, you'll get lifetime access to six courses covering more than 15 hours of content (reg. $78).

  • BleepingComputer Deals
   
  • January 23, 2025
   
  • 07:09 AM
   
  •  0
• 
   
  Security

  Critical zero-days impact premium WordPress real estate plugins

  The RealHome theme and the Easy Real Estate plugins for WordPress are vulnerable to two critical severity flaws that allow unauthenticated users to gain administrative privileges.

  • Bill Toulas
   
  • January 22, 2025
   
  • 05:59 PM
   
  •  0
• 
   
  Security

  Cloudflare CDN flaw leaks user location data, even through secure chat apps

  A security researcher discovered a flaw in Cloudflare's content delivery network (CDN), which could expose a person's general location by simply sending them an image on platforms like Signal and Discord.

  • Bill Toulas
   
  • January 22, 2025
   
  • 04:32 PM
   
  •  0
• 
   
  Security

  Telegram captcha tricks you into running malicious PowerShell scripts

  Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware.

  • Bill Toulas
   
  • January 22, 2025
   
  • 03:35 PM
   
  •  0
• 
   
  Deals

  Train in ethical hacking skills with these self-paced online courses

  This comprehensive ethical hacking course bundle packs in 18 courses that cover how to become a white hat hacker and land a high-paying IT role. Sign up now and get lifetime access for just $34.97 (reg. $1,098) through February 2.

  • BleepingComputer Deals
   
  • January 22, 2025
   
  • 02:06 PM
   
  •  0
• 
   
  Security

  Cisco warns of denial of service flaw with PoC exploit code

  Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code.

  • Sergiu Gatlan
   
  • January 22, 2025
   
  • 01:47 PM
   
  •  0
• 
   
  Security

  PowerSchool hacker claims they stole data of 62 million students

  The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they stole the personal data of 62.4 million students and 9.5 million teachers.

  • Lawrence Abrams
   
  • January 22, 2025
   
  • 12:39 PM
   
  •  0
• 
   
  Security

  Conduent confirms cybersecurity incident behind recent outage

  American business services giant and government contractor Conduent confirmed today that a recent outage resulted from what it described as a "cyber security incident."

  • Sergiu Gatlan
   
  • January 22, 2025
   
  • 11:56 AM
   
  •  0
• 
   
  Microsoft

  Windows 11 24H2 now also offered to all eligible Windows 10 PCs

  Microsoft says Windows 11 24H2 has entered the broad deployment phase and is now available to all seekers via Windows Update.

  • Sergiu Gatlan
   
  • January 22, 2025
   
  • 10:19 AM
   
  •  3
• 
   
  Security

  IPany VPN breached in supply-chain attack to push custom malware

  South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company's VPN installer to deploy the custom 'SlowStepper' malware.

  • Bill Toulas
   
  • January 22, 2025
   
  • 10:11 AM
   
  •  0
• 
   
  Security· Sponsored Content

  Use this AI chatbot prompt to create a password-exclusion list

  Creating a custom password-exclusion list can help prevent employees from using passwords that are likely to be guessed. Learn from Specops Software on using AI to generate password dictionary for securing your organization's credentials.

  • Sponsored by Specops
   
  • January 22, 2025
   
  • 10:00 AM
   
  •  0
• 
   
  Security

  Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025

  On the first day of Pwn2Own Automotive 2025, security researchers exploited 16 unique zero-days and collected $382,750 in cash awards.

  • Sergiu Gatlan
   
  • January 22, 2025
   
  • 09:38 AM
   
  •  2
• 
   
  Deals

  Learn a new language with a Babbel lifetime access deal

  Babbel language learning is one of the most popular apps out there, with 15 million users and stellar reviews around the web. Instead of paying monthly fees, get a lifetime subscription through us for $149.99 with code BABBEL20 at checkout (normally $599). You won't find a better deal anywhere else.

  • BleepingComputer Deals
   
  • January 22, 2025
   
  • 07:16 AM
   
  •  0
• 
   
  Security

  Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack

  The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices.

  • Bill Toulas
   
  • January 21, 2025
   
  • 04:04 PM
   
  •  2
• 
   
  Security, Apple, Google

  Fake Homebrew Google ads target Mac users with malware

  Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets.

  • Bill Toulas
   
  • January 21, 2025
   
  • 02:58 PM
   
  •  0
• 
   
  Deals

  Want a new laptop? This open-box 2024 Lenovo IdeaPad is almost half off

  You'll want to check out this 2024 Lenovo IdeaPad 5i, which comes with 16GB RAM, 1TB SSD, and Windows 11 Home pre-installed. A new open-box edition of this laptop is now price-dropped from $1,069 to only $579.99, but only while supplies last.

  • BleepingComputer Deals
   
  • January 21, 2025
   
  • 02:07 PM
   
  •  0
• 
   
  Microsoft, Gaming

  Microsoft previews Game Assist in-game browser in Edge Stable

  ​Microsoft has announced that Game Assist, its recently unveiled in-game browser, is now also available in preview for Microsoft Edge Stable users.

  • Sergiu Gatlan
   
  • January 21, 2025
   
  • 01:25 PM
   
  •  0
• 
   
  Technology

  Bitbucket services “hard down” due to major worldwide outage

  Bitbucket is investigating a massive outage affecting Atlassian Bitbucket Cloud customers worldwide, with the company saying its cloud services are "hard down."

  • Sergiu Gatlan
   
  • January 21, 2025
   
  • 12:23 PM
   
  •  0
• 
   
  Security

  7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now

  ​A high-severity vulnerability in the 7-Zip file archiver allows attackers to bypass the Mark of the Web (MotW) Windows security feature and execute code on users' computers when extracting malicious files from nested archives.

  • Sergiu Gatlan
   
  • January 21, 2025
   
  • 11:05 AM
   
  •  6
• 
   
  Security

  Ransomware gangs pose as IT support in Microsoft Teams phishing attacks

  Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network.

  • Bill Toulas
   
  • January 21, 2025
   
  • 10:59 AM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

View More