A researcher at security firm Cyllective has unearthed vulnerabilities in dozens of WordPress plugins, affecting tens of thousands of installations. Dave Miller, who leads Cyllective’s penetration testing team,...
Security researchers have detected a massive campaign that scanned close to 1.6 million WordPress sites for the presence of a vulnerable plugin that allows uploading files...
A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and...
WordPress sites using Ninja Forms, a forms builder plugin with more than 1 million installations, have been force-updated en masse this week to a new build...
Online accounts getting hijacked and misused is an everyday occurrence, but did you know that account pre-hijacking attacks are also possible? Inspired by previous research on...
A critical vulnerability present among 90,000-plus active installations of the Jupiter WordPress theme allows for the takeover of target websites. Although attackers must be authenticated to exploit the...
WordPress security analysts have discovered a set of vulnerabilities impacting the Jupiter Theme and JupiterX Core plugins for WordPress, one of which is a critical privilege...
Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. Up to 50,000...
Attackers are abusing the Certificate Transparency (CT) system to compromise new WordPress sites in the typically brief window of time before the content management system (CMS) has been...
Payment card skimmers are becoming more common in exploit kits affecting WordPress websites and attackers are spending more time customizing them to avoid detection, Sucuri’s latest...
Recent Comments