CSO Online

Modular DS bug hands hackers instant WordPress admin access

Security researchers confirmed in-the-wild exploitations of the mx-severity flaw, allowing unauthenticated actors gain full ...

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data

WordPress membership plugin vulnerability exposing sensitive Stripe payment data affects up to 10,000 websites.
The Hacker News

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched in version 2.5.2.

伪装成“DocuSign”的钓鱼邮件席卷法律界:一场针对信任链的精准打击

这不是孤立事件。过去三年,全球法律、金融、医疗等高信任度行业已成为钓鱼攻击的“黄金靶场”。而此次佛罗里达事件,不仅暴露了社会工程学攻击的进化速度,更揭示了一个残酷现实:攻击者正在系统性地利用“制度性信任”作为突破口。
GovInfoSecurity

Magecart Hits Continue: Stripe Spoofing, Supply Chain Risks

Magecart-style digital skimming attacks targeting payment card data continue, with researchers detailing an active campaign ...