Researchers have identified a new variant of the ClickFix fake browser update malware distributed through malicious WordPress plugins. These plugins,…
A critical vulnerability has been discovered in the GiveWP plugin, a popular WordPress donation and fundraising platform. This vulnerability, CVE-2024-5932,…
Hackers have been actively exploiting a critical vulnerability in the WordPress plugin 简数采集器 (Keydatas). The vulnerability, CVE-2024-6220, allows unauthenticated threat…
The SocGholish downloader has been in operation since 2017 and it is still evolving. This malware, which poses as a…
Wordfence Threat Intelligence team identified a significant security breach involving multiple WordPress plugins. The initial discovery was made when the…
Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past CAPTCHA…
A client's website was experiencing random pop-ups as server side scanner logs revealed a JavaScript injection related to Sign1, which…
A critical vulnerability was discovered in two plugins developed by miniOrange. The affected plugins, miniOrange’s Malware Scanner and Web Application…
Researchers recently uncovered distributed brute force attacks on target WordPress websites using the browsers of innocent site visitors. A recent increase…
Hackers have been found exploiting a vulnerability in a WordPress Plugin 3DPrint Lite(CVE-2021-4436) to deploy the notorious Godzilla Web Shell.…