Thousands of websites using WordPress continue to be vulnerable to a critical security flaw in a plugin named Hunk Companion. The flaw, which has been actively exploited in attacks that execute malicious code, has a severity rating of 9.8/10. Less than 12% of users have installed the patch, leaving around 9,000 sites at risk.

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites
The Russian cybercrime group FIN7 is linked to a Python-based backdoor named Anubis, providing them remote access to compromised Windows systems, says Swiss cybersecurity firm