Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies

Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals

UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud

Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over susceptible sites.
The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug.
According to Wordfence, the shortcoming relates to an arbitrary file upload

Headline

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

The Hacker News: Latest News