Originally reported by BleepingComputer, Malwarebytes Labs
TL;DR
High-profile breaches hit the European Commission and FBI Director Patel's personal email, while a Smart Slider WordPress plugin vulnerability threatens 500,000 sites with arbitrary file access.
A series of significant security incidents emerged this week, highlighted by breaches of major government entities and a widespread WordPress vulnerability affecting half a million sites.
The European Commission acknowledged a data breach following a cyberattack on its Europa.eu web platform, according to BleepingComputer reporting. The ShinyHunters extortion gang claimed responsibility for the compromise, marking another high-profile target for the notorious cybercriminal group.
The breach represents a significant security incident given the European Commission's role as the executive arm of the European Union. Details regarding the scope of compromised data and the attack vector remain under investigation.
The FBI confirmed that Handala hackers, associated with Iranian threat actors, successfully breached FBI Director Kash Patel's personal email account. The attackers published photos and documents obtained from the compromise, demonstrating their access to sensitive communications.
This incident highlights the persistent targeting of high-ranking U.S. officials by Iranian cyber operations, extending attacks beyond official government systems to personal accounts of key leadership figures.
Security researchers identified a critical vulnerability in the Smart Slider 3 WordPress plugin that allows subscriber-level users to access arbitrary files on affected servers. The flaw impacts over 500,000 of the plugin's 800,000+ active installations.
The vulnerability represents a significant privilege escalation issue, enabling low-privilege users to potentially access sensitive server files including configuration data and credentials. Website administrators should immediately update the plugin to address this security gap.
Microsoft pulled the KB5079391 Windows 11 non-security preview update due to widespread installation errors. Users reported encountering 0x80073712 error codes during the update process, prompting Microsoft to withdraw the release for investigation.
While not a security issue, the problematic update deployment demonstrates the ongoing challenges in enterprise patch management and the importance of testing update rollouts before widespread distribution.
Malwarebytes Labs published their weekly security roundup covering developments from March 23-29, providing additional context on emerging threats and security trends during this active period for cyber incidents.