A vulnerability in the defunct OneTone WordPress theme plugin is being exploited to compromise entire sites while installing backdoor admin accounts.
Tag Archives: Backdoor
Signal: We’ll be eaten alive by EARN IT Act’s anti-encryption wolves
The Big Bad Wolves haven’t blown the house down but did come up with a way to “hold the three little pigs responsible for being delicious,” Signal said.
Thousands of Android apps contain undocumented backdoors, study finds
A study has found that thousands of legitimate Android apps are taking liberties or installing with capabilities that users wouldn’t expect to exist.
EARN IT Act threatens end-to-end encryption
The bill, which would undercut Section 230 protections for online publishing, presents itself as a way to stop online child abuse.
The Amazon Prime phishing attack that wasn’t…
When we followed the phishing trail, we found ourselves at a web page we weren’t expecting…
Malicious npm package taken down after Microsoft warning
Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager).
Apple says no to unlocking shooter’s phone; AG and Trump lash back
Attorney General Barr and President Trump are demanding Apple unlock the mass shooter’s iPhone. Apple replies: You can’t break just 1 phone.
Club Penguin Rewritten breach caused by rogue admin backdoor
The hugely popular gaming site Club Penguin Rewritten suffered a data breach that exposed 4m user accounts.
Backdoor discovered in Ruby strong_password library
An eagle-eyed developer has discovered a backdoor recently sneaked into a library (or ‘gem’) used by Ruby on Rails (RoR) web apps to check password strength.
ExtraPulsar backdoor based on leaked NSA code – what you need to know
A US security researcher has come up with an open-source Windows backdoor loosely based on NSA attack code that leaked back in 2017.