Please turn on your JavaScript for this page to function normally.
WordPress
Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)

A critical vulnerability (CVE-2025-4322) in Motors, a WordPress theme popular with car/motor dealerships and rental services, can be easily exploited by unauthenticated …

backdoor
Compromised plugins found on WordPress.org

An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them …

Fortinet
Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount

Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, …

GoDaddy
GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed

GoDaddy, the popular internet domain registrar and web hosting company, has suffered a data breach that affected over a million of their Managed WordPress customers. What …

WordPress
Attackers tried to grab WordPress configuration files from over a million sites

A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …

WordPress
Nearly a million WordPress sites targeted in extensive attacks

A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …

WordPress
Attackers are exploiting vulnerable WP plugins to backdoor sites

A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools