Tag: wordpress
-
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks
Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress sites to make malicious JavaScript injections that are designed to redirect users to sketchy sites.”Site visitors get injected content that was drive-by malware like fake Cloudflare verification,” Sucuri researcher Puja Srivastava said in an analysis published last week.The website security company First seen on…
-
Hackers exploit auth bypass in Service Finder WordPress theme
Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-in-service-finder-wordpress-theme/
-
Detour Dog und die DNS-TXT-Kommunikation eine neue Dimension der Malware-Verteilung
Die Malware-Kampagne von Detour Dog ist schon lange aktiv. In WordPress-Blogs bettete man dafür ein ausgeklügeltes JavaScript ein. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/detour-dog-und-die-dns-txt-kommunikation-eine-neue-dimension-der-malware-verteilung-321394.html
-
New Botnet ‘Loader-as-a-Service’ Turns Home Routers and IoT into Mirai Farms
CloudSEK has uncovered a sophisticated Loader-as-a-Service botnet campaign spanning the last six months, leveraging exposed command-and-control logs to orchestrate attacks against SOHO routers, embedded Linux devices, and enterprise applications. The threat actors exploit unsanitized POST parameters”, such as NTP, syslog, and hostname fields”, alongside default credentials and known CVEs in WebLogic, WordPress, and vBulletin systems…
-
Hackers Deploy Stealthy Malware on WordPress Sites to Gain Admin Access
Attackers have stepped up their tactics by deploying stealthy backdoors disguised as legitimate WordPress components, ensuring persistent administrative access even after other malware is discovered and removed. Their deceptive appearances belied their dangerous functions: one impersonated a plugin, the other camouflaged itself as a core file. Together, they formed a resilient system that gave hackers…
-
WordPress Plugin Vulnerability Let Attackers Bypass Authentication via Social Login
A critical vulnerability in the Case Theme User plugin for WordPress allows unauthenticated attackers to hijack any account on vulnerable sites, including administrative accounts, by exploiting the social login feature. Site owners are urged to update immediately. On May 31, 2025, Wordfence Intelligence received a report of an Authentication Bypass via Social Login vulnerability in…
-
Survey Surfaces Raft of WordPress Cybersecurity Concerns
A survey of 264 professionals that maintain websites based on the WordPress content management system (CMS) finds 96% have been impacted by at least one security incident/event, with just under two-thirds of those respondents (64%) having suffered a full breach. Conducted by Melapress, a provider of cybersecurity plug-ins for WordPress sites, the survey also finds..…
-
WordPress Woes Continue Amid ClickFix Attacks, TDS Threats
Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/wordpress-woes-clickfix-attacks-tds-threats
-
High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users
A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sqli-threat-wordpress-memberships/
-
ShadowCaptcha Exploit: Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims
A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying deceptive CAPTCHA interfaces mimicking legitimate services like Cloudflare or Google to manipulate users into running malicious commands. The operation, traced through compromised WordPress websites, represents a sophisticated blend of social…
-
ShadowCaptcha Exploit: Massive WordPress Site Compromise Used to Execute Malicious Commands on Victims
A large-scale cybercrime conspiracy known as ShadowCaptcha was made public by cybersecurity researchers at Israel’s National Digital Agency. This campaign exploits the ClickFix technique, deploying deceptive CAPTCHA interfaces mimicking legitimate services like Cloudflare or Google to manipulate users into running malicious commands. The operation, traced through compromised WordPress websites, represents a sophisticated blend of social…
-
Help TDS Hacks Legitimate Websites, Using PHP Templates to Display Fake Microsoft Security Alerts
GoDaddy Security researchers have unveiled a detailed analysis of Help TDS, a sophisticated Traffic Direction System operational since at least 2017, which exploits compromised websites to funnel traffic toward malicious scams. This operation supplies affiliates with PHP code templates that are injected into legitimate sites, primarily WordPress installations, to redirect visitors to fraudulent pages mimicking…
-
Help TDS Hacks Legitimate Websites, Using PHP Templates to Display Fake Microsoft Security Alerts
GoDaddy Security researchers have unveiled a detailed analysis of Help TDS, a sophisticated Traffic Direction System operational since at least 2017, which exploits compromised websites to funnel traffic toward malicious scams. This operation supplies affiliates with PHP code templates that are injected into legitimate sites, primarily WordPress installations, to redirect visitors to fraudulent pages mimicking…
-
70,000 WordPress Sites Exposed by Inspiro Theme Security Flaw
A critical security vulnerability, officially tracked as CVE-2025-8592, has been identified in the popular Inspiro WordPress theme. The flaw, affecting over 70,000 active installations, enables unauthenticated attackers to exploit a Cross-Site Request Forgery (CSRF) vulnerability that could allow arbitrary plugin installations without user consent. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/csrf-flaw-cve-2025-8592/
-
Efimer Trojan Targets Crypto Wallets Using Phony Legal Notices and Booby-Trapped Torrents
The Efimer Trojan has emerged as a potent ClipBanker-type malware, primarily designed to steal cryptocurrency by intercepting and swapping wallet addresses in victims’ clipboards. First detected in October 2024, Efimer named after a comment in its decrypted script has evolved into a multifaceted threat, spreading via compromised WordPress sites, malicious torrents, and targeted email campaigns.…
-
Efimer Malicious Script Spreads via WordPress Sites, Torrents, and Email in Massive Attack Wave
Kaspersky researchers have uncovered a widespread campaign involving the Efimer malicious script, a sophisticated Trojan-dropper primarily aimed at stealing cryptocurrency. First detected in June 2025, the malware impersonates legal correspondence from major companies, accusing recipients of domain name infringements and attaching malicious archives that deploy the Efimer stealer. ‘ Named after a comment in its…
-
Over 60 Malicious RubyGems Packages Used to Steal Social Media and Marketing Credentials
Socket’s Threat Research Team has exposed a persistent campaign involving over 60 malicious RubyGems packages that masquerade as automation tools for platforms like Instagram, Twitter/X, TikTok, WordPress, Telegram, Kakao, and Naver. Active since at least March 2023, the threat actor operating under aliases such as zon, nowon, kwonsoonje, and soonje has deployed these gems to…
-
Pi-hole Data Breach Exposes Donor Emails Through WordPress Plugin Flaw
A trusted name in open-source privacy software is facing tough questions after a recent data breach exposed donor names and email addresses. Here’s what happened, why it matters, and what you need to know. What Happened? On July 28, 2025, members of the Pi-hole community reported suspicious emails sent to addresses used only for Pi-hole……
-
Pi-hole discloses data breach triggered by WordPress plugin flaw
Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a security vulnerability in the GiveWP WordPress donation plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pi-hole-discloses-data-breach-via-givewp-wordpress-plugin-flaw/
-
Pi-hole discloses data breach via GiveWp WordPress plugin flaw
Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a security vulnerability in the GiveWP WordPress donation plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pi-hole-discloses-data-breach-via-givewp-wordpress-plugin-flaw/
-
Bug in WordPress-Plugin: Daten aller Pi-hole-Spender geleakt
Durch einen Fehler im WordPress-Plugin GiveWP konnten Namen und E-Mail-Adressen aller Unterstützer des Pi-hole-Projektes einfach ausgelesen werden. First seen on golem.de Jump to article: www.golem.de/news/bug-in-wordpress-plugin-daten-aller-pi-hole-spender-geleakt-2508-198722.html
-
40,000 WordPress websites at risk of being hijacked due to vulnerable Post SMTP plugin
Over 40,000 websites running a vulnerable version of a popular WordPress plugin could be at risk of being hijacked by hackers. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/200-000-wordpress-websites-at-risk-of-being-hijacked-due-to-vulnerable-post-smtp-plugin
-
WordPress AI Engine Plugin Bug Allows Remote Code Execution Update Now
A security flaw affecting over 100,000 WordPress websites has been discovered in the AI Engine plugin, specifically impacting versions 2.9.3 and 2.9.4. The vulnerability, classified as an arbitrary file upload vulnerability, allows authenticated users, starting from subscriber-level access, to upload malicious files and potentially gain remote code execution (RCE) privileges on the server. This type…
-
8 Best wordpress security plugins in 2025
Protect your site with the best WordPress Security plugin of 2025. Block threats, scan for malware, and secure logins with top-rated tools First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/8-best-wordpress-security-plugins-in-2025/
-
Attackers actively exploit critical zero-day in Alone WordPress Theme
Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025-5394 (CVSS score of 9.8), in the >>Alone Charity Multipurpose Non-profit WordPress Theme
-
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Threat actors are actively exploiting a critical security flaw in “Alone Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites.The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug.According to Wordfence, the shortcoming relates to an arbitrary file upload First…
-
Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ‘Alone,’ to achieve remote code execution and perform a full site takeover. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-actively-exploit-critical-rce-in-wordpress-alone-theme/