A million sites attacked by 20,000 different computers.
Tag Archives: Wordpress
Coronavirus delays trial of alleged Russian hacker a third time
Justice has already been slow in this case, and the pandemic isn’t helping: His trial has been postponed for a third time.
Flaw in defunct WordPress plugin exploited to create backdoor
A vulnerability in the defunct OneTone WordPress theme plugin is being exploited to compromise entire sites while installing backdoor admin accounts.
WordPress WooCommerce sites targeted by card swiper attacks
Credit card swipers have found a hard-to-detect way to target WordPress websites using the WooCommerce plugin by secretly modifying legitimate JavaScript files.
Don’t get locked out of your own website – update this WordPress plugin now!
In theory, crooks could mess up your site so vistors can’t see your content, then lock you out so you can’t jump in and fix it.
WordPress to get automatic updates for plugins and themes
Good news for website admins: the ability to automatically update plugins and themes is being beta-tested for WordPress 5.5, due in August.
XSS plugin vulnerabilities plague WordPress users
Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.
The Amazon Prime phishing attack that wasn’t…
When we followed the phishing trail, we found ourselves at a web page we weren’t expecting…
WordPress plugin hole could have allowed attackers to wipe websites
A WordPress plugin with over 100,000 active installations had a bug that could have allowed unauthorised attackers to wipe its users’ blogs clean, it emerged this week.
Cookie-nabbing app could have served users side helping of XSS
A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks.