SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 106

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter CrashStealer: C++ macOS infostealer posing as crash reporter Lucide Proxy: Turning Student Web Proxies into DDoS Bots       AsyncAPI…

Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core

TL;DR: A critical pre-authentication Remote Code Execution (RCE) vulnerability, dubbed “wp2shell” (CVE-2026-63030), has been identified in WordPress Core. This vulnerability allows an unauthenticated attacker to execute arbitrary code on a vulnerable WordPress installation without any preconditions, such as plugins or specific configurations. Given that WordPress powers…

IT Security News Daily Summary 2026-07-18

41 posts were published in the last hour 19:31 : OpenSSL Fixes HollowByte Memory Exhaustion Bug 19:8 : Hugging Face Confirms AI-Driven Breach: Attackers used Autonomous Agents, defenders countered with AI 19:5 : IT Security News Hourly Summary 2026-07-18 21h…

OpenSSL Fixes HollowByte Memory Exhaustion Bug

Okta disclosed HollowByte, an 11-byte OpenSSL flaw that lets remote attackers exhaust server memory and trigger denial-of-service attacks. Okta’s Red Team disclosed a denial-of-service vulnerability in OpenSSL they named HollowByte, and the attack payload is exactly 11 bytes. A remote,…