Security Affairs

MAY 6, 2023

A reflected cross-site scripting vulnerability is the Advanced Custom Fields plugin for WordPress exposed over 2 million sites to hacking. Assetnote researchers discovered a reflected cross-site scripting vulnerability, tracked as CVE-2023-29489 (CVSS score: 6.1), in the Advanced Custom Fields plugin for WordPress. The ACF field builder allows users to quickly and easily add fields to WP edit screens with only the click of a few buttons.

Authentication 97

Authentication Security Cybersecurity IT 97

WIRED Threat Level

MAY 6, 2023

Plus: Apple and Google plan to stop AirTag stalking, Meta violated the FTC’s privacy order, and how to tell if your car is tracking you.

Privacy 73

Privacy Security 73

Security Affairs

MAY 6, 2023

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues

Security 96

Security Libraries Data breaches Ransomware 96

The Guardian Data Protection

MAY 6, 2023

Feature allows users to set a list of friends and post tweets that only they are supposed to be able to read A privacy breach at Twitter published tweets that were never supposed to be seen by anyone but the poster’s closest friends to the site at large, the company has admitted after weeks of stonewalling reports. The site’s Circles feature allows users to set an exclusive list of friends and post tweets that only they can read.

Security 60

Security Privacy Risk IT 60

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

IT

Security Affairs

MAY 6, 2023

A security problem caused the public sharing of private tweets sent to Twitter Circles to users outside of the Circle, the company admitted. Since August 2022, the Twitter Circle feature allows users to send tweets to a restricted circle of users, these messages are not visible to Twitter users outside the Circle. As reported by BleepingComputer , around April 7, some Twitter users noticed the issue.

Security 93

Security Privacy Cybersecurity Risk 93