Display Widgets Plug-In Conducted Malware Attack Across 200,000 WordPress Sites
Approximately 200,000 websites running WordPress have been affected by a malware attack that used the Display Widgets plug-in to collect IP addresses.
WordPress Sites at Risk From PHP Code Execution
New attacks against unfinished installations of WordPress aim to give attackers admin access and the opportunity to run PHP code.
Relying on Data to Mitigate the Risk of WordPress Website Hijacking
To protect their WordPress sites from scammers, administrators must proactively patch and monitor their installations to weed out unwanted content.
Phony WordPress Domain Steals Cookies to Fool Web Admins
Cybercriminals have been stealing cookies and using a fraudulent WordPress API to impersonate users and take control of victims' browsing sessions.
PHP Will Incorporate Libsodium for Crypto
Starting with the release of version 7.2 at the end of this year, the core of PHP will use Libsodium by default for routine cryptographical operations.
The Webshell Game Continues
IBM X-Force researchers have noted a dramatic increase in the use of malicious webshell attacks throughout the first half of 2016.
WordPress Hack Redirects Users Randomly
Sucuri recently discovered a new WordPress hack that redirects users to malicious domains. Luckily, there are relatively easy ways to discover infections.
New Report Finds Zero-Day Vulnerabilities Increased in 2015
A recent threat report from Symantec found that zero-day vulnerabilities were found about once a week in 2015, representing a big increase from 2014.
Got WordPress? PHP C99 Webshell Attacks Increasing
IBM MSS X-Force researchers found that C99 webshell attacks are increasing, particularly against content management systems such as WordPress.
Bitcoin Lending Site LoanBase Hacked Through WordPress Vulnerability
Cybercriminals exploited a WordPress vulnerability to breach LoanBase, a bitcoin lending site, and they may have gained access to user info.