Dark Reading

Hackers 'Timthumb' Their Noses At Vulnerability To Compromise 1.2 Million Sites

A vulnerability in an obscure WordPress add-on script that was discovered in August is currently being used to compromise more than 1.2 million websites -- and could be easily used to siphon data out ...
Bleeping Computer

Hackers exploiting zero-day in Gladinet file sharing software

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. At ...
Searchenginejournal.com

15 Vulnerabilities In 11 Elementor Addons Hit +3M WordPress Sites

Researchers have issued advisories for eleven separate Elementor add-on plugins with 15 vulnerabilities that can make it possible for hackers to upload malicious files. One of them is rated as a high ...
CSOonline

Researcher says Adult Friend Finder vulnerable to file inclusion vulnerabilities

A researcher known for exposing application flaws posted screenshots showing Local File Inclusion vulnerabilities on Adult Friend Finder. The incident marks the second time in just over a year that ...
CSOonline

Gladinet file sharing zero-day brings patched flaw back from the dead

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...