Wednesday, May 21, 2025

Wordpress

Hackers Exploit Multiple WordPress Plugins to Hack Websites & Create Rogue Admin Accounts

Wordfence Threat Intelligence team identified a significant security breach involving multiple WordPress plugins.  The initial discovery was made when the team found that the Social...

Mal.Metrica Malware Hijacks 17,000+ WordPress Sites

Infected websites mimic legitimate human verification prompts (CAPTCHAs) to trick users, who often request seemingly innocuous clicks, resembling past CAPTCHA challenges.  Clicking initiates a malicious...

Sign1 Malware Hijacked 39,000 WordPress Websites

A client's website was experiencing random pop-ups as server side scanner logs revealed a JavaScript injection related to Sign1, which is a malware campaign...

Discontinued WordPress Plugin Flaw Exposes Websites to Cyber Attacks

A critical vulnerability was discovered in two plugins developed by miniOrange. The affected plugins, miniOrange’s Malware Scanner and Web Application Firewall, contained a severe...

Hacked WordPress Sites Using Visitors’ Browsers For Distributed Brute Force Attacks

Researchers recently uncovered distributed brute force attacks on target WordPress websites using the browsers of innocent site visitors.  A recent increase in website hacking that targets...

Hackers Exploit WordPress Plugin Flaw to Deploy Godzilla Web Shell

Hackers have been found exploiting a vulnerability in a WordPress Plugin 3DPrint Lite(CVE-2021-4436) to deploy the notorious Godzilla Web Shell. This malicious activity significantly...

WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking

A critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000 websites at risk. The...

WordPress Plugin Flaw Exposes 90K+ Websites to Hack Attack

Over 90,000 websites are currently at risk due to a vulnerability found in the WordPress Backup Migration Plugin. This vulnerability has enabled unauthenticated remote...