LottieFiles hit in npm supply chain attack targeting users' crypto

Published on October 31, 2024

LottieFiles announced that specific versions of its npm package carry malicious code that prompts users to connect their cryptocurrency wallets so they can be emptied. [...]

Continue reading on website
Other news

Why U.S. Election Security Is ‘In A Far Better Place’ In 2024: Kyndryl Security Chief

October 31, 2024
Kyndryl global security practice leader Kris Lovejoy discusses how the solution and service provider giant has been working with U.S. jurisdictions to shore up the security of their election systems prior to Nov. 5.

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

October 31, 2024
A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions.The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin."The plugin suffers from an unauthenticated privilege escalation vulnerability