Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 ...
Dark Reading

New Tool Exposes Stealthy Metasploit Hack

Researchers will release an open source tool at Black Hat USA that helps forensics investigators reconstruct attacks that use a popular Metasploit payload to covers its tracks. Mandiant's Steve Davis ...
Bleeping Computer

Hackers exploit ProjectSend flaw to backdoor exposed servers

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a ...
Dark Reading

Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously

Attackers are using an 8-year-old version of the Redis open-source database server to maliciously use Metasploit's Meterpreter module to expose exploits within a system, potentially allowing for ...
InfoWorld

More IE security woes: Attacks appear imminent as exploit is improved

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft’s Internet Explorer, making it more reliable — and more likely to be used by criminals. Security ...
TechRepublic

Homebrew: How to install exploit tools on macOS

In this follow-up to the installing security tools on macOS via Homebrew series, we’ll be looking at various applications that can be used to exploit any vulnerabilities that have been found after ...
Reuters

Attacks appear imminent as IE exploit is improved

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals. Security ...