Contec Health’s CMS8000 Patient Monitor has been found to contain critical vulnerabilities that could allow for remote exploitation, including unauthorized file uploads and exposure of sensitive patient data. The Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have addressed these risks and advised the temporary removal of the affected devices from networks. They also recommended strict access controls, using firewalls, and sourcing equipment from trusted manufacturers.

Hiding WordPress malware in the mu-plugins directory to avoid detection
Sucuri researchers have detected a number of cases where hackers have hidden malware within the mu-plugins directory of WordPress, which auto-loads without activation. WordPress site