Security researchers announced on Monday that there had been a supply chain attack on up to 36,000 WordPress plugins running on a wide range of...
Vous n'êtes pas connecté
A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites running them. [...]
Security researchers announced on Monday that there had been a supply chain attack on up to 36,000 WordPress plugins running on a wide range of...
Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of...
On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through...
Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the...
Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script...
Scripts turn malicious, infect webpages after Chinese CDN swallows domain The polyfill.io domain is being used to infect more than 100,000 websites...
A recently developed phishing campaign has emerged, leveraging the Windows Search protocol to deliver malicious scripts to unsuspecting users. This...
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates....
Our latest research has found that clickable links on websites can often be redirected to malicious destinations. We call these "hijackable...
A new malware distribution campaign uses fake Google Chrome, Word, and OneDrive errors to trick users into running malicious PowerShell "fixes" that...