Find

Interview with ESET researcher, Zuzana Hromcová What is it like […]

A popular WordPress theme plugin that’s installed on some 200,000 websites has been found to contain a serious vulnerability that, if abused, could allow remote attackers to wipe the sites and gain admin access to them.

Many e-scooters rely on a combination of Bluetooth Low Energy (BLE) and the rider’s smartphone internet connection to run, as well as to send data to the service provider. This opens up a number of avenues for potential attacks.

Researchers at vpnMentor, who uncovered the leak, were able to access some 900,000 individual records. These ranged from before-and-after images and videos of cosmetic procedures to materials of a highly sensitive nature, including graphic photos of the patients’ private body parts. The origin of the records is not clear but it can be assumed that the leak affected NextMotion clients.