#WebsiteSecurity

Over 380k Hosts Still Referencing Malicious Polyfill Domain: Censys

by

July 3, 2024 at 09:57AM Censys reports over 380,000 internet-exposed hosts with JavaScript scripts referencing the suspended polyfill.io domain. Following its suspension for malicious activities, over 100,000 websites were affected, prompting industry responses. Censys now identifies 384,773 hosts still referencing the domain. Further concerns arise about other potentially compromised domains controlled by the same threat … Read more

Google to Block Entrust Certificates in Chrome Starting November 2024

by

June 29, 2024 at 11:45AM Google has announced it will block websites using certificates from Entrust in Chrome browser from November 1, 2024 due to compliance and security issues. TLS certificates from Entrust will not be trusted by Chrome versions 127 and higher. Users will see a warning for insecure connections, urging website operators to … Read more

Polyfill.io owner punches back at ‘malicious defamation’ amid domain shutdown

by

June 27, 2024 at 11:56PM After its website shutdown, Polyfill.io’s owner battles accusations of distributing suspicious code on various websites. Anger-fueled social media posts target CDN titan Cloudflare and media for “malicious defamation.” Experts and a domain registrar warn of supply chain risks. The site has relocated to polyfill[.]com. Cloudflare also launches a JavaScript URL … Read more

Polyfill Supply Chain Attack Hits Over 100k Websites 

by

June 26, 2024 at 07:07AM Over 100,000 websites have been targeted by a supply chain attack injecting malware through a Polyfill domain, as reported by SecurityWeek. Based on the meeting notes, it appears that a supply chain attack involving the injection of malware through a Polyfill domain has impacted over 100,000 websites. This information was … Read more

New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites

by

June 26, 2024 at 05:33AM The credit card web skimmer, Caesar Cipher Skimmer, is targeting CMS platforms like WordPress, Magento, and OpenCart. It operates by injecting obfuscated malware into e-commerce sites to steal financial information. The skimmer uses various methods to conceal its activities and can adapt its responses based on the website it infects. … Read more

Plugins on WordPress.org backdoored in supply chain attack

by

June 25, 2024 at 03:32PM Threat actor altered WordPress plugins on WordPress.org to insert malicious code, creating new admin accounts and injecting SEO spam. Wordfence discovered the breach and notified developers, resulting in patches for most affected products. The compromised plugins include Social Warfare, Blaze Widget, Wrapper Link Element, Contact Form 7 Multi-Step Addon, and … Read more

WordPress Supply Chain Attack Spreads Across Multiple Plug-Ins

by

June 25, 2024 at 12:53PM Multiple plug-ins on WordPress.org were compromised by threat actors, injecting malicious code aimed at granting attackers administrative privileges and enabling further malicious activity. The affected plug-ins, including the popular Social Warfare, have been delisted and are unavailable for download, with a recommendation to remove them immediately and perform a complete … Read more

Several Plugins Compromised in WordPress Supply Chain Attack 

by

June 25, 2024 at 08:48AM Malicious code inserted into five WordPress plugins created new admin accounts, reported Defiant. Social Warfare versions 4.4.6.4 to 4.4.7.1 have the code and users should update to 4.4.7.3. Four other plugins are affected. The attacker sends admin details to their server and adds SEO spam to sites. The plugins are … Read more

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors

by

May 30, 2024 at 11:16AM Fastly warns of ongoing exploitation of vulnerabilities in three WordPress plugins, enabling the injection of malicious scripts and backdoors. These flaws permit unauthenticated stored cross-site scripting attacks, creation of new administrator accounts, and stealing of credentials. Impacting over 600,000 installations, the campaign is emanating from IPs linked to AS IP … Read more

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

by

May 30, 2024 at 10:21AM Cybersecurity researchers have warned of high-severity security vulnerabilities in various WordPress plugins, being actively exploited to create rogue administrator accounts for further exploitation. The flaws allow for unauthenticated stored cross-site scripting attacks, enabling threat actors to inject malicious scripts. To mitigate these risks, WordPress site owners should review installed plugins, … Read more