The Hacker News

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More

ThreatsDay: OAuth abuse, Signal hijacks, Zombie ZIP evasion, Teams malware, AI hack, RondoDox botnet, and more cyber stories.
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

A vulnerability in the Ally WordPress plugin exposes over 200,000 websites to sensitive information disclosure via SQL queries.

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...

Microsoft's 'Patch Tuesday' for March Addresses Two Zero-Day Flaws

After last month's massive security update, Microsoft's Patch Tuesday push for March seems relatively light, with only two publicly disclosed zero-day flaws among the 83 vulnerabilities fixed in total ...

Microsoft Confirms SQL Zero-Day Security Vulnerability—Here’s The Fix

Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.
SecurityWeek

Microsoft Patches 83 Vulnerabilities

Microsoft has rolled out fixes for 83 vulnerabilities in its products, including a critical bug, but none of them require ...
Computer Weekly

Microsoft patches zero-days in .NET and SQL Server

Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft's March Patch Tuesday update.
IEEE

EAPDS: Efficient Auditable and Privacy-Preservation Data-Sharing Scheme Based on Attribute-Based Encryption for IoMT

Abstract: Data-sharing schemes based on the Internet of Medical Things (IoMT) have emerged as a more convenient way to monitor and manage individuals’ health. However, this scenario faces challenges, ...