WordPress security plugin WP Ghost vulnerable to remote code execution bug

Published on March 20, 2025

Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated attackers to remotely execute code and hijack servers. [...]

Continue reading on website
Other news

GitHub Action supply chain attack exposed secrets in 218 repos

March 20, 2025
The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the supply chain attack. [...]

YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users

March 20, 2025
YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users."What's intriguing about this malware is how much it collects," Kaspersky said in an analysis. "It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla, and