Recently, a sophisticated phishing campaign targeted WooCommerce store owners by falsely reporting critical vulnerabilities, then tricking victims into installing malware – disguised as an essential security patch.. Security researchers and WooCommerce’s team have issued alerts to help make store owners aware and keep themselves safe. We summarize everything you need…
A critical vulnerability in the SSL.com domain validation process allowed unauthorized parties to get the certificates on behalf of you or your organisation. SSL.com is one of the famous Certificate Authorities (CA) trusted by all major browsers. This Vulnerability is reported by security researchers; in their demonstration, they showed how…
If you’ve ever browsed the internet, you’ve utilized Port 80, even if you didn’t know it. Port 80 is an underlying infrastructure that brings searches to your screen and most of the web traffic we rely upon daily depends on this Port. Everything that pops up on the World Wide…
What is a PKI Certificate? PKI Certificate, also known as a digital certificate, is an electronic document used for the purpose of verifying the possession of a certain public key in a particular security system. It also plays an important role in authenticating safe communication as well as transactions using…
About the Incidence Cybercriminals are using a new technique to run their phishing campaigns. This advanced phishing attack bypasses Gmail’s security filters. The phishing email seems to be genuine because the form address in the email is “
[email protected]” and it’s a valid signed email. The attack was discovered by “Nick…
Fortinet, a leading cybersecurity company, has released an urgent alert revealing that hackers have found a new technique to maintain unauthorized, read-only access to FortiGate devices even after they have been patched for known vulnerabilities. This exploit involves the use of symbolic links (symlinks) within the SSL-VPN feature that allows…
What is Wildcard SSL? A Wildcard SSL certificate is a unique SSL certificate that protects a single domain and all its subdomains. In contrast to standard SSL certificates that secure only one domain, a Wildcard SSL certificate employs a wildcard character—an asterisk, *—in the domain name, enabling encryption for countless…
Introduction Email remains the number one way brands communicate information globally despite the rise of instant messaging tools. In 2024, people sent over 361.6 billion emails, of which over 3.4 billion were phishing emails. This makes email security or authentication crucial today. When we talk about email authentication, the aim…
Get ready, Senders (Email Marketers), Microsoft is joining Gmail and Yahoo in tightening email authentication rules. If you’re unprepared, your emails might be headed straight to the junk folder. Starting May 5, 2025, Microsoft Outlook (including hotmail.com, live.com, and outlook.com domains) will begin filtering or rejecting emails that don’t meet…
What is PCI Compliance? PCI Compliance or Payment Card Industry Data Security Standard (PCI DSS) Compliance refers to the extent to which businesses conform to the industry standards. The PCI security standard lays these down to ensure that any company that handles credit card data exercises adequate measures to safeguard…
With increasing cyberattacks, signing documents electronically has become more critical than ever. According to a report, the global digital signature market is expected to reach $14.1 billion by 2026. Electronic signatures are of different types, defined under the eIDAS Regulation. The Qualified Electronic Signature (QES) stands out as the gold…
One of the most famous JavaScript frameworks, “Next.Js,” has critical security with a CVE base score of 9.1 by NIST. Next.js is a React framework that provides a structured approach and additional features for building web applications, including server-side rendering and static site generation, built on top of the React…
Google’s second-generation Chromecast and Chromecast Audio hardware experienced a significant outage in March 2025, to the disappointment of users who were greeted with “untrusted device” error screens when trying to cast video. While initial speculation was that forced obsolescence was the cause, a closer look later revealed a more technical…
What Is Quishing? Quishing is a cyber attack technique in which QR codes are used to deceive people into divulging information or downloading malware. This makes quishing not dependent on deceptive emails or websites, like so many other forms of phishing. The malicious codes are disseminated in any carrier, whether…
A critical security vulnerability has recently been discovered in Apache Pinot, a real-time distributed OLAP data store, leading to disastrous consequences for its user base. This flaw allows unauthenticated attackers to perform authentication bypasses and gain access to sensitive systems. The vulnerability is rated 9.8 on the CVSS scale, which…