According to security researchers at Jscrambler, about 6,700 WordPress websites have been infected with the Balada Injector malware after using a Popup Builder plug-in with a cross-site scripting (XSS) vulnerability tracked as CVE-2023-6000.  The researchers noted that the Balada Injector campaign is long-running (since 2017) and is an operation that has compromised more than 1 million WordPress sites in the past six years.

Quarkslab researchers discovered a set of vulnerabilities called PixieFail affecting the IPv6 network protocol stack of TianoCore's EDK II, an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification that is widely used in enterprise computers and servers. The flaws are in the PXE network boot process, which is critical for provisioning operating systems in data centers and high-performance computing environments. It is a standard procedure for loading operating system images from the network during boot.

A major Spanish holiday destination became the victim of ransomware last weekend, with reports claiming digital extortionists are demanding €10m ($11m).  The municipality of Calvià in the southwest of Majorca includes the popular tourist hotspot of Magaluf and attracts over one million visitors to its shores a year.  A crisis committee has been assembled to assess the attack's impact on local services, and an IT team is working through forensic analysis and recovery processes.  The Guardia Civil has reportedly also been contacted for assistance.

OpenAI, the developer of the AI chatbot ChatGPT and the image generator DALL-E has recently announced new measures to prevent abuse and misinformation ahead of big elections this year.  The firm announced that it was collaborating with the National Association of Secretaries of State (NASS), the oldest non-partisan professional organization for public officials in the US, to prevent the use of ChatGPT for misinformation ahead of the US Presidential Election in November.

According to new research, a vulnerability called LeftoverLocals exists in multiple brands and models of mainstream GPUs, including Apple, Qualcomm, and AMD chips, and can allow an attacker to steal large amounts of data from a GPU's memory. To exploit the vulnerability, attackers must first establish some level of operating system access on a target's device. Modern computers and servers are designed to silo data, allowing multiple users to share the same processing resources while not being able to access each other's data.

Citrix recently informed customers that two new zero-day vulnerabilities affecting its NetScaler ADC and Gateway products have been exploited in attacks.  One of the flaws tracked as CVE-2023-6548 is a medium-severity issue that allows a low-privileged authenticated attacker to execute arbitrary code on the management interface remotely.  The second vulnerability, CVE-2023-6549, is a high-severity issue that can be exploited for denial-of-service (DoS) attacks.

Google has recently pushed out an urgent Chrome browser update to fix a trio of high-severity security defects and warned that one of the bugs is already being exploited in the wild.  Google describes the exploited zero-day, CVE-2024-0519, as an out-of-bounds memory access issue in the V8 JavaScript engine.  Google did not provide any additional details on the scope of the observed attacks or share telemetry to help defenders hunt for signs of compromise.

Researchers from Nanjing University and Renmin University in China have significantly advanced e-commerce security by developing the world's first five-user online trading platform using quantum technology. Their research could improve online transaction security. Traditional e-commerce systems, which are protected by classical encryption algorithms, are becoming increasingly vulnerable to hacking, particularly with the rise of powerful quantum computing.

Collecting and analyzing data from a large number of patients in order to discover patterns is an important aspect of modern healthcare, but such data must be protected to prevent the violation of individuals' privacy. Breaches could also damage general trust, resulting in fewer people consenting to participate. Researchers at the University of Copenhagen's Department of Computer Science have developed a method for protecting data sets used to train Machine Learning (ML) models. According to Ph.D.

Security researchers used new techniques to infiltrate PyTorch's development infrastructure. They exploited insecure configurations in GitHub Actions workflows. Their proof-of-concept (POC) attack was disclosed to PyTorch's lead developer Meta AI. However, other software development organizations using GitHub Actions are likely to have made similar deployment mistakes, potentially exposing themselves to software supply chain attacks.