Mur d'images - Cyberveille

curated by Decio

Hidden Malware Strikes Again: Mu-Plugins Under Attack

Hidden Backdoors Uncovered in WordPress Malware Investigation

Jetpack fixes critical information disclosure flaw existing since 2016

Cyble Honeypot Sensors Detect WordPress Plugin Attack, New Banking Trojan

Critical Account Takeover in LiteSpeed Cache Plugin

Malicious Plugin

Litespeed Cache bug exposes millions of WordPress sites to takeover attacks

Hackers target WordPress calendar plugin used by 150,000 sites

WP Automatic WordPress plugin hit by millions of SQL injection attacks

Unauthenticated function injection vulnerability in WordPress Shortcode Addons plugin (unpatched). – NinTechNet

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins

WordPress plugin installed on 1 million+ sites logged plaintext passwords

‘Gravity Forms’ WordPress Plugin Found Vulnerable to PHP Object Injection

Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign

The Race to Patch: Attackers Leverage Sample Exploit Code in Wordpress Plugin | Akamai

WordPress Advanced Custom Fields Pro plugin <= 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability

PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin

Critical Vulnerabilities in PHP Everywhere Allow Remote Code Execution