One of the world’s largest hosters and domain name registrars, GoDaddy, reports that hackers have compromised the company’s infrastructure. Worse, the company concluded that this was just one in a series of related incidents. It turns out that unknown attackers had access to the company’s systems for several years, were able to install malware on… Continue reading Hackers Attacked GoDaddy and Stayed on the Company’s Systems for Several Years
Tag: WordPress
Exploits for Vulnerabilities in Three Popular WordPress Plugins Appeared on the Network
Three popular WordPress plugins, with tens of thousands of active installations, turned out to have critical SQL injection vulnerabilities at the same time. In addition, PoC exploits for these bugs are now publicly available. The vulnerabilities were discovered by Tenable, which notified WordPress developers about them back in mid-December 2022, providing them with proof-of-concept exploits. Currently, plugin… Continue reading Exploits for Vulnerabilities in Three Popular WordPress Plugins Appeared on the Network
GoTrim Malware Hacks WordPress Sites
Fortinet specialists have discovered a new GoTrim malware written in Go that scans the Internet for WordPress sites and brute-forces them by guessing the administrator password. Such attacks can lead to the deployment of malware, the introduction of scripts on websites to steal bank cards, the placement of phishing pages, and other attack scenarios that… Continue reading GoTrim Malware Hacks WordPress Sites
Attackers Hacked 15,000 Websites to Poison SEO
Sucuri analysts have discovered a massive hacking campaign in which the attackers hacked about 15,000 sites, mostly running WordPress. Let me remind you that we also wrote that 0-day Vulnerability in WordPress BackupBuddy Plugin Attacked Over 5 million Times, and also that Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites. Attackers use compromised… Continue reading Attackers Hacked 15,000 Websites to Poison SEO
0-day Vulnerability in WordPress BackupBuddy Plugin Attacked Over 5 million Times
Wordfence analysts have discovered that a fresh 0-day vulnerability in the popular WordPress plugin, BackupBuddy, which has been installed about 140,000 times, is under active attack. Since August 26, 2022, there have been about 5,000,000 hack attempts. The BackupBuddy plugin allows users to back up their entire WordPress installation right from the dashboard, including theme files,… Continue reading 0-day Vulnerability in WordPress BackupBuddy Plugin Attacked Over 5 million Times
NetSupport and RaccoonStealer malware spreads masked as Cloudflare warnings
Unknown attackers hacked WordPress sites to send fake DDoS protection notifications supposedly coming from Cloudflare. Through such fakes, the attackers infect users with NetSupport RAT and the RaccoonStealer infostealer (aka Raccoon). Let me remind you that we also talked about the fact that Hackers create scam e-commerce sites over hacked WordPress sites, and also that… Continue reading NetSupport and RaccoonStealer malware spreads masked as Cloudflare warnings
Cybersecurity Researchers Discovered a New Phishing Kit targeting PayPal Users
Akamai has identified a new phishing kit that is being installed on hacked WordPress sites and targets PayPal users. The malware tries to steal the personal information of the victims, and also asks to take a selfie with identity documents. Let me remind you that we also wrote that Iranian Spear-Phishing Operation Targets US And… Continue reading Cybersecurity Researchers Discovered a New Phishing Kit targeting PayPal Users
Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites
The Ukrainian Computer Emergency Response Team (CERT-UA) said that Ukraine was hit by large-scale DDoS attacks. CERT-UA has published a report on ongoing DDoS attacks on Ukrainian websites and a government web portal. Unknown attackers compromise WordPress sites and inject malicious JavaScript code into the HTML structure. The script is base64 encoded to avoid detection like… Continue reading Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites
About 30% of critical vulnerabilities in WordPress plugins remain unpatched
Patchstack analysts have released a report on security and critical vulnerabilities in WordPress in 2021. Unfortunately, the picture turned out to be depressing: for example, 29% of critical errors in WordPress plugins did not receive patches at all. In addition, the number of reported vulnerabilities has increased by 150% over the… Continue reading About 30% of critical vulnerabilities in WordPress plugins remain unpatched
Hackers create scam e-commerce sites over hacked WordPress sites
Akamai specialist Larry Cashdollar discovered a hacker group that uses hacked WordPress sites in an interesting way. First, hackers run fraudulent online stores over WordPress sites. Second, they poison XML maps to influence search results. Attackers use brute force attacks to gain access to the site administrator account; next, they overwrite the main index file… Continue reading Hackers create scam e-commerce sites over hacked WordPress sites