Imperva Customers Protected Against “wp2shell” Pre-Authentication RCE in WordPress Core

TL;DR: A critical pre-authentication Remote Code Execution (RCE) vulnerability, dubbed “wp2shell” (CVE-2026-63030), has been identified in WordPress Core. This vulnerability allows an unauthenticated attacker to execute arbitrary code on a vulnerable WordPress installation without any preconditions, such as plugins or specific configurations. Given that WordPress powers…

IT Security News Daily Summary 2026-07-18

41 posts were published in the last hour 19:31 : OpenSSL Fixes HollowByte Memory Exhaustion Bug 19:8 : Hugging Face Confirms AI-Driven Breach: Attackers used Autonomous Agents, defenders countered with AI 19:5 : IT Security News Hourly Summary 2026-07-18 21h…

OpenSSL Fixes HollowByte Memory Exhaustion Bug

Okta disclosed HollowByte, an 11-byte OpenSSL flaw that lets remote attackers exhaust server memory and trigger denial-of-service attacks. Okta’s Red Team disclosed a denial-of-service vulnerability in OpenSSL they named HollowByte, and the attack payload is exactly 11 bytes. A remote,…

Nearly 7 Million Driver’s License Numbers Exposed After AssuranceAmerica Data Breach

  Nearly seven million people are being notified after a cyberattack on Atlanta-based auto insurer AssuranceAmerica exposed highly sensitive personal information, including driver’s license numbers, Social Security numbers and insurance records, raising concerns about long-term identity theft risks. According to…

GigaWiper

When Malware Doesn’t Have to Choose Between Espionage and Destruction This article has been indexed from CyberMaterial Read the original article: GigaWiper