July 23, 2024 at 06:28AM Threat actors use sneaky techniques like swap files to conceal credit card skimmer malware in compromised websites. The skimmer captures payment information and exfiltrates it to an attacker-controlled domain. These actors also use defense evasion methods like malicious plugins and compromised administrator accounts. Site owners are advised on security measures … Read more
May 8, 2024 at 04:28AM A high-severity vulnerability (CVE-2023-40000, CVSS score: 8.3) in the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts. The flaw, which allows for stored cross-site scripting, was disclosed in February 2024 and fixed in version 5.7.0.1. Users are urged to update and … Read more
April 12, 2024 at 01:57AM Cybersecurity researchers have uncovered a credit card skimmer camouflaged in a fake Meta Pixel tracker script to evade detection. The malware is injected into websites through tools like WordPress plugins and Magento admin panel, allowing the injection of malicious JavaScript. Sites using WordPress and Magento are at risk of another … Read more
March 12, 2024 at 05:21AM A new malware campaign targets WordPress sites using Popup Builder plugin, infiltrating over 3,900 sites. It exploits CVE-2023-6000 to create rogue admin users and install harmful plugins. WordPress owners are urged to update plugins and scan for malicious code. Additionally, a high-severity bug in Ultimate Member plugin was disclosed, posing … Read more
March 7, 2024 at 09:21AM Threat actors are launching distributed brute-force attacks on WordPress sites through malicious JavaScript injections, causing unauthorized access to target sites. This shift from crypto drainers to brute-force attacks may be driven by profit motives, as compromised sites can be monetized in various ways. Prior attacks have exploited vulnerabilities in WordPress … Read more