Bleeping Computer

Hackers exploit WordPress plugin Post SMTP to hijack admin accounts

Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts.
Bleeping Computer

New Critical RCE Bug in OpenBSD SMTP Server Threatens Linux Distros

Security researchers have discovered a new critical vulnerability in the OpenSMTPD email server. An attacker could exploit it remotely to run shell commands as root on the underlying operating system.
Dark Reading

Ransomware Attackers Bypass Microsoft's ProxyNotShell Mitigations With Fresh Exploit

The operators of a ransomware strain called Play have developed a new exploit chain for a critical remote code execution (RCE) vulnerability in Exchange Server that Microsoft patched in November. The ...