Please turn on your JavaScript for this page to function normally.
backdoor
Compromised plugins found on WordPress.org

An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them …

WordPress
Securing your WordPress website against ransomware attacks

It’s no surprise to anyone who works in security that there’s been an explosion in ransomware incidents over the last two years, costing companies across various industries …

WordPress
Attackers tried to grab WordPress configuration files from over a million sites

A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …

WordPress
Nearly a million WordPress sites targeted in extensive attacks

A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …

WordPress
Free trojanized WordPress themes lead to widespread compromise of web servers

Over 20,000 web servers (and who knows how many websites) have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion …

WordPress
Attackers are exploiting vulnerable WP plugins to backdoor sites

A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …

WordPress
Attackers are exploiting WordPress plugin flaw to inject malicious scripts

Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …

payment card
Magecart hacks Shopper Approved to simultaneously hit many e-commerce sites

The cybercriminal groups under the Magecart umbrella strike again and again, and one of them has apparently specialized in compromising third parties to more easily get in as …

WordPress
WP Security Audit Log: Keeping a watchful eye on your WordPress sites

WordPress is, without a doubt, the most popular website management system in use. The latest statistics put the number of websites running on WordPress over 60 million, and …

WordPress
Fake SEO plugin backdoors WordPress installations

Administrators of WordPress sites, beware! A fake SEO plugin is being used by attackers to compromise WP installations. The plugin in question is named WP-Base-SEO, and is a …

Cisco WebEx
Cisco WebEx extension opens Chrome users to drive-by malware attacks

Windows users who have the widely used Cisco WebEx extension installed on Chrome are in danger of getting silently hacked when visiting a malicious website. The vulnerability, …

Dunlop
Slew of WP-based business sites compromised to lead to ransomware

If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief. A year and a half after they have been …

Don't miss

Cybersecurity news