A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …

A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …

Over 20,000 web servers (and who knows how many websites) have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion …

A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …

Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …

The cybercriminal groups under the Magecart umbrella strike again and again, and one of them has apparently specialized in compromising third parties to more easily get in as …

WordPress is, without a doubt, the most popular website management system in use. The latest statistics put the number of websites running on WordPress over 60 million, and …

Administrators of WordPress sites, beware! A fake SEO plugin is being used by attackers to compromise WP installations. The plugin in question is named WP-Base-SEO, and is a …

Windows users who have the widely used Cisco WebEx extension installed on Chrome are in danger of getting silently hacked when visiting a malicious website. The vulnerability, …

If an approach works well, there is no reason to change tack, and the masters of the SoakSoak botnet are obviously of the same belief. A year and a half after they have been …

If you are one of the 10,000+ users of the Custom Content Type Manager (CCTM) WordPress plugin, consider your site to be compromised and proceed to clean your installation up, …