A million sites attacked by 20,000 different computers.
Tag Archives: wordfence
Cookie-nabbing app could have served users side helping of XSS
A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks.
WordPress sites hit by malvertising
An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing.
Hackers are infecting WordPress sites via a defunct plug-in
If you’re a WordPress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now.
WordPress sites are being backdoored with rogue admin users
A malvertising campaign has evolved to give hackers control of entire sites.
Update now! WordPress abandoned cart plugin under attack
Hackers have been spotted targeting websites running unpatched versions of the WordPress plugin Abandoned Cart for WooCommerce.
Massive botnet chews through 20,000 WordPress sites
Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords.
WordPress GDPR compliance plugin hacked
There’s no obvious executable payload in the attack but the attackers may be building a collection of websites and biding their time.