Originally reported by Hackread
TL;DR
INTERPOL's Operation Synergia III dismantled major cybercrime infrastructure across 72 countries while Qualys researchers discovered critical vulnerabilities in AppArmor that could compromise millions of Linux systems. Meanwhile, a SQL injection flaw in a popular WordPress plugin remains largely unpatched across 200,000+ sites.
The AppArmor vulnerabilities, which affect an estimated 12.6 million Linux systems and could allow root access and container escapes, represent a significant infrastructure risk. Combined with active malware networks and widespread WordPress exposure, they create a substantial attack surface.
INTERPOL's Operation Synergia III concluded with significant disruption to cybercriminal networks, resulting in 94 arrests and the takedown of 45,000 malicious IP addresses across 72 countries. The coordinated international effort targeted infrastructure supporting phishing campaigns, malware distribution, and fraud operations.
The operation represents one of the largest coordinated takedowns of malicious infrastructure to date, demonstrating enhanced international cooperation in combating cybercrime. The scale of the operation suggests these networks were operating sophisticated, distributed infrastructure capable of supporting large-scale criminal activities.
Qualys researchers have disclosed a set of vulnerabilities dubbed 'CrackArmor' affecting AppArmor, the mandatory access control framework used in Ubuntu and other Linux distributions. The flaws could allow attackers to achieve root access and escape container environments on an estimated 12.6 million Linux systems.
AppArmor serves as a critical security boundary in Linux systems, particularly in containerized environments where it helps enforce security policies. Vulnerabilities in this component represent significant risk to infrastructure security, especially given the widespread adoption of Linux in enterprise and cloud environments.
The research highlights ongoing challenges in securing foundational Linux security components, where flaws can have cascading effects across millions of systems.
A SQL injection vulnerability in the Ally WordPress plugin has exposed over 200,000 websites to potential data theft. While a patch has been released by the plugin developers, security researchers indicate that the majority of installations remain unpatched and vulnerable to exploitation.
The vulnerability allows attackers to execute arbitrary SQL queries against the underlying database, potentially extracting sensitive user data, credentials, and other confidential information. Given WordPress's dominant market share and the popularity of the affected plugin, this represents a significant attack surface for cybercriminals.
The slow patch adoption rate demonstrates persistent challenges in WordPress ecosystem security, where plugin vulnerabilities often remain unaddressed for extended periods due to inconsistent update practices among site administrators.