searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • (IN)SECURE Magazine

WordPress

Get our top stories in your inbox

Attackers tried to grab WordPress configuration files from over a million sites

June 5, 2020

A threat actor that attempted to insert a backdoor into nearly a million WordPress-based sites in early May (and continued to try throughout the month), tried to grab …

Nearly a million WordPress sites targeted in extensive attacks

May 6, 2020

A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this …

WordPress and Apache Struts weaponized vulnerabilities on the rise

March 17, 2020

Vulnerabilities in leading web and application frameworks, if exploited, can have devastating effects like the Equifax breach which affected 147 million people, according to …

Free trojanized WordPress themes lead to widespread compromise of web servers

February 19, 2020

Over 20,000 web servers (and who knows how many websites) have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion …

Attackers are exploiting vulnerable WP plugins to backdoor sites

September 3, 2019

A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the …

Attackers are exploiting WordPress plugin flaw to inject malicious scripts

May 30, 2019

Attackers are leveraging an easily exploitable bug in the popular WP Live Chat Support plugin to inject a malicious JavaScript in vulnerable sites, Zscaler warns. The company …

WordPress updates are digitally signed at last!

May 8, 2019

WordPress 5.2 is out and brings a number of functional improvements, but the great news for those who are worried about the security of their installation is the …

Busting the security myth: Should I use WordPress for my website?

August 17, 2018

WordPress has been around for 15 years. Today it powers around 30% of the top 10 million websites on the internet. Being such a popular platform, WordPress has been in the …

WP Security Audit Log: Keeping a watchful eye on your WordPress sites

July 9, 2018

WordPress is, without a doubt, the most popular website management system in use. The latest statistics put the number of websites running on WordPress over 60 million, and …

Traffic manipulation and cryptocurrency mining campaign compromised 40,000+ machines

June 7, 2018

Unknown attackers have compromised 40,000+ servers, networking and IoT devices around the world and are using them to mine Monero and redirect traffic to websites hosting tech …

Security researchers sinkholed EITest infection chain

April 16, 2018

Security researchers have managed to neutralize “EITest,” one of the oldest infection chains and thus preventing as many as two million potential malicious …

Thousands of WP, Joomla and SquareSpace sites serving malicious updates

April 13, 2018

Thousands of compromised WordPress, Joomla and SquareSpace-based sites are actively pushing malware disguised as Firefox, Chrome and Flash Player updates to visitors. This …

Posts navigation

1 2 3 4 5 … 8
bot

What analytics can unveil about bot mitigation tactics

  • Understanding third-party hacks in the aftermath of the SolarWinds breach
  • Minimizing cyberattacks by managing the lifecycle of non-human workers
Top videoconferencing attacks and security best practices

What's new

week in review

Week in review: Pen testing, Sunspot malware, Microsoft plugs Defender zero-day

gap

Understanding third-party hacks in the aftermath of the SolarWinds breach

email

Phishers count on remotely hosted images to bypass email filters

bot

What analytics can unveil about bot mitigation tactics

Don't miss

bot

What analytics can unveil about bot mitigation tactics

gap

Understanding third-party hacks in the aftermath of the SolarWinds breach

email

Phishers count on remotely hosted images to bypass email filters

bot

Minimizing cyberattacks by managing the lifecycle of non-human workers

containers

Most containers are running as root, which increases runtime security risk

Help Net Security - Daily information security news with a focus on enterprise security.
Follow us
  • Features
  • News
  • Expert Analysis
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Newsletters
  • Twitter

In case you’ve missed it

  • Securing the connected home: A joint task for homeowners and their ISP
  • Cybersecurity sales: Do you have what it takes to succeed?
  • How do I select a data control solution for my business?
  • How do I select cyber insurance for my business?

(IN)SECURE Magazine ISSUE 67 (November 2020)

  • Hardware security: Emerging attacks and protection mechanisms
  • Justifying your 2021 cybersecurity budget
  • Cooking up secure code: A foolproof recipe for open source
  • Mapping the motives of insider threats
Read online
© Copyright 1998-2021 by Help Net Security
Read our privacy policy | About us | Advertise