Browsing: Security

The operators of the Kimwolf botnet recently claimed to have infiltrated the control panel of Badbox 2.0, a massive China-based botnet infecting millions of Android TV streaming boxes. This development offers new leads for the FBI and Google, who are actively investigating Badbox 2.0, potentially revealing key individuals behind its operations, including Chen Daihai and Zhu Zhiyu.

WhatsApp has introduced a new ‘Strict Account Settings’ feature designed to protect users from sophisticated cyberattacks, including spyware. This toggle extends the platform’s privacy efforts, allowing users to limit features like blocking attachments and media from unknown contacts.

US Immigration and Customs Enforcement (ICE) is seeking information from companies regarding “commercial Big Data and Ad Tech” products. These tools are intended to support investigative activities, as detailed in a recent Federal Register filing. This move highlights the government’s increasing interest in leveraging commercially developed technologies for law enforcement and surveillance purposes.

A severe unauthenticated privilege escalation flaw (CVE-2026-23550) in the Modular DS WordPress plugin, affecting over 40,000 sites, is under active exploitation. This vulnerability allows attackers to bypass authentication and gain full administrator access, potentially leading to complete site compromise. Users are urged to update to version 2.5.2 immediately and check for signs of compromise.

Germany’s Dresden State Art Collections, a prominent European museum network, recently experienced a targeted cyberattack. This incident has significantly impacted its digital infrastructure, leading to disruptions in online ticket sales, visitor services, and phone access. While the museums remain open, cash payments are currently the only option for on-site purchases.