Wordfence
![backdoor](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/02170809/backdoor-2-1500-400x200.webp)
Compromised plugins found on WordPress.org
An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them …
![Fortinet](https://img.helpnetsecurity.com/wp-content/uploads/2021/07/21124644/fortinet-logo-hns-400x200.jpg)
Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount
Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, …
![GoDaddy](https://img.helpnetsecurity.com/wp-content/uploads/2021/11/23110926/godaddy-hns-400x200.jpg)
GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposed
GoDaddy, the popular internet domain registrar and web hosting company, has suffered a data breach that affected over a million of their Managed WordPress customers. What …
![WordPress](https://img.helpnetsecurity.com/wp-content/uploads/2020/06/04181140/red-wordpress-logo-400x200.jpg)
Attackers tried to grab WordPress configuration files from over a million sites
A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …
![WordPress](https://img.helpnetsecurity.com/wp-content/uploads/2020/05/06125223/wordpress-logo-fire-400x200.jpg)
Nearly a million WordPress sites targeted in extensive attacks
A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …
![WordPress](https://img.helpnetsecurity.com/wp-content/uploads/2017/02/09105154/wordpress-400x200.jpg)
Attackers are exploiting vulnerable WP plugins to backdoor sites
A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege