Tag: wordpress
-
Help TDS Hacks Legitimate Websites, Using PHP Templates to Display Fake Microsoft Security Alerts
GoDaddy Security researchers have unveiled a detailed analysis of Help TDS, a sophisticated Traffic Direction System operational since at least 2017, which exploits compromised websites to funnel traffic toward malicious scams. This operation supplies affiliates with PHP code templates that are injected into legitimate sites, primarily WordPress installations, to redirect visitors to fraudulent pages mimicking…
-
Help TDS Hacks Legitimate Websites, Using PHP Templates to Display Fake Microsoft Security Alerts
GoDaddy Security researchers have unveiled a detailed analysis of Help TDS, a sophisticated Traffic Direction System operational since at least 2017, which exploits compromised websites to funnel traffic toward malicious scams. This operation supplies affiliates with PHP code templates that are injected into legitimate sites, primarily WordPress installations, to redirect visitors to fraudulent pages mimicking…
-
70,000 WordPress Sites Exposed by Inspiro Theme Security Flaw
A critical security vulnerability, officially tracked as CVE-2025-8592, has been identified in the popular Inspiro WordPress theme. The flaw, affecting over 70,000 active installations, enables unauthenticated attackers to exploit a Cross-Site Request Forgery (CSRF) vulnerability that could allow arbitrary plugin installations without user consent. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/csrf-flaw-cve-2025-8592/
-
Efimer Trojan Targets Crypto Wallets Using Phony Legal Notices and Booby-Trapped Torrents
The Efimer Trojan has emerged as a potent ClipBanker-type malware, primarily designed to steal cryptocurrency by intercepting and swapping wallet addresses in victims’ clipboards. First detected in October 2024, Efimer named after a comment in its decrypted script has evolved into a multifaceted threat, spreading via compromised WordPress sites, malicious torrents, and targeted email campaigns.…
-
Efimer Malicious Script Spreads via WordPress Sites, Torrents, and Email in Massive Attack Wave
Kaspersky researchers have uncovered a widespread campaign involving the Efimer malicious script, a sophisticated Trojan-dropper primarily aimed at stealing cryptocurrency. First detected in June 2025, the malware impersonates legal correspondence from major companies, accusing recipients of domain name infringements and attaching malicious archives that deploy the Efimer stealer. ‘ Named after a comment in its…
-
Over 60 Malicious RubyGems Packages Used to Steal Social Media and Marketing Credentials
Socket’s Threat Research Team has exposed a persistent campaign involving over 60 malicious RubyGems packages that masquerade as automation tools for platforms like Instagram, Twitter/X, TikTok, WordPress, Telegram, Kakao, and Naver. Active since at least March 2023, the threat actor operating under aliases such as zon, nowon, kwonsoonje, and soonje has deployed these gems to…
-
Pi-hole Data Breach Exposes Donor Emails Through WordPress Plugin Flaw
A trusted name in open-source privacy software is facing tough questions after a recent data breach exposed donor names and email addresses. Here’s what happened, why it matters, and what you need to know. What Happened? On July 28, 2025, members of the Pi-hole community reported suspicious emails sent to addresses used only for Pi-hole……
-
Pi-hole discloses data breach triggered by WordPress plugin flaw
Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a security vulnerability in the GiveWP WordPress donation plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pi-hole-discloses-data-breach-via-givewp-wordpress-plugin-flaw/
-
Pi-hole discloses data breach via GiveWp WordPress plugin flaw
Pi-hole, a popular network-level ad-blocker, has disclosed that donor names and email addresses were exposed through a security vulnerability in the GiveWP WordPress donation plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pi-hole-discloses-data-breach-via-givewp-wordpress-plugin-flaw/
-
Bug in WordPress-Plugin: Daten aller Pi-hole-Spender geleakt
Durch einen Fehler im WordPress-Plugin GiveWP konnten Namen und E-Mail-Adressen aller Unterstützer des Pi-hole-Projektes einfach ausgelesen werden. First seen on golem.de Jump to article: www.golem.de/news/bug-in-wordpress-plugin-daten-aller-pi-hole-spender-geleakt-2508-198722.html
-
WordPress AI Engine Plugin Bug Allows Remote Code Execution Update Now
A security flaw affecting over 100,000 WordPress websites has been discovered in the AI Engine plugin, specifically impacting versions 2.9.3 and 2.9.4. The vulnerability, classified as an arbitrary file upload vulnerability, allows authenticated users, starting from subscriber-level access, to upload malicious files and potentially gain remote code execution (RCE) privileges on the server. This type…
-
40,000 WordPress websites at risk of being hijacked due to vulnerable Post SMTP plugin
Over 40,000 websites running a vulnerable version of a popular WordPress plugin could be at risk of being hijacked by hackers. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/200-000-wordpress-websites-at-risk-of-being-hijacked-due-to-vulnerable-post-smtp-plugin
-
8 Best wordpress security plugins in 2025
Protect your site with the best WordPress Security plugin of 2025. Block threats, scan for malware, and secure logins with top-rated tools First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/8-best-wordpress-security-plugins-in-2025/
-
Attackers actively exploit critical zero-day in Alone WordPress Theme
Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025-5394 (CVSS score of 9.8), in the >>Alone Charity Multipurpose Non-profit WordPress Theme
-
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Threat actors are actively exploiting a critical security flaw in “Alone Charity Multipurpose Non-profit WordPress Theme” to take over susceptible sites.The vulnerability, tracked as CVE-2025-5394, carries a CVSS score of 9.8. Security researcher Thái An has been credited with discovering and reporting the bug.According to Wordfence, the shortcoming relates to an arbitrary file upload First…
-
Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme ‘Alone,’ to achieve remote code execution and perform a full site takeover. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-actively-exploit-critical-rce-in-wordpress-alone-theme/
-
WordPress Theme Security Vulnerability Enables to Execute Arbitrary Code Remotely
A critical security vulnerability has been discovered in the popular >>Alone
-
200,000 WordPress websites at risk of being hijacked due to vulnerable Post SMTP plugin
Over 200,000 websites running a vulnerable version of a popular WordPress plugin could be at risk of being hijacked by hackers. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/200-000-wordpress-websites-at-risk-of-being-hijacked-due-to-vulnerable-post-smtp-plugin
-
Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts
If you’re running a WordPress site and rely on the Post SMTP plugin for email delivery, there’s something… First seen on hackread.com Jump to article: hackread.com/post-smtp-plugin-flaw-subscribers-over-admin-accounts/
-
Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable
10,000 WordPress sites vulnerable to takeover due to critical flaws in HT Contact Form Widget plugin First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/flaws-wordpress-plugin-expose/
-
Critical WordPress Post SMTP plugin flaw exposes 200K+ sites to full takeover
Critical vulnerability in Post SMTP plugin risks full site takeover, over 400k sites use it, and nearly half remain unpatched. A critical vulnerability, tracked as CVE-2025-24000 (CVSS of 8.8) in the Post SMTP WordPress plugin, used by 400k sites, allows full site takeover. The plugin Post SMTP is an email delivery plugin that allows site owners…
-
400,000 WordPress Websites Exposed by Post SMTP Plugin Vulnerability
A critical security vulnerability has been discovered in the popular Post SMTP plugin for WordPress, potentially exposing over 400,000 websites to account takeover attacks. The vulnerability, tracked as CVE-2025-24000, affects versions 3.2.0 and below of the plugin, allowing even low-privileged users to access sensitive email data and ultimately gain administrative control of affected websites as…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict Uncovering a Stealthy WordPress Backdoor in mu-plugins NPM package ‘is’ with 2.8M weekly downloads infected devs with malware Coyote in the Wild: First-Ever […]…
-
Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks
More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/post-smtp-plugin-flaw-exposes-200k-wordpress-sites-to-hijacking-attacks/
-
Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access
Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the “mu-plugins” directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions.Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation. They are located in the “wp-content/mu-plugins” First seen on…
-
Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access
Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the “mu-plugins” directory in WordPress sites to grant threat actors persistent access and allow them to perform arbitrary actions.Must-use plugins (aka mu-plugins) are special plugins that are automatically activated on all WordPress sites in the installation. They are located in the “wp-content/mu-plugins” First seen on…
-
Hidden Backdoor in WordPress Plugins Grants Attackers Ongoing Access to Websites
Security researchers have discovered a concerning trend in which a highly skilled malware campaign has been targeting WordPress websites by using the frequently disregarded mu-plugins directory to insert a covert backdoor. This directory, short for >>must-use plugins,
-
WordPress Security Alert: CVE-2025-6043 Enables Remote File Deletion via Malcure Plugin
A new vulnerability, CVE-2025-6043, has been First seen on thecyberexpress.com Jump to article: thecyberexpress.com/malcure-vulnerability-cve-2025-6043/