-
Plugins on WordPress.org backdoored in supply chain attack
A threat actor modified the source code of at least five plugins hosted on WordPress.org to include malicious PHP scripts that create new accounts with administrative privileges on websites running them.
- June 25, 2024
- 03:25 PM
2
-
Facebook PrestaShop module exploited to steal credit cards
Hackers are exploiting a flaw in a premium Facebook module for PrestaShop named pkfacebook to deploy a card skimmer on vulnerable e-commerce sites and steal people's payment credit card details.
- June 23, 2024
- 10:08 AM
0
-
"Researchers" exploit Kraken exchange bug, steal $3 million in crypto
The Kraken crypto exchange disclosed today that alleged security researchers exploited a zero-day website bug to steal $3 million in cryptocurrency and then refused to return the funds.
- June 19, 2024
- 10:51 AM
- 0
-
Grow your startup with this SEO and growth hacking bundle, now $25
If you're building your own company or trying to get hired in marketing, this bundle is a great asset. Right now, you can get lifetime on-demand access for just $24.99, saving a huge 67% off the original price for the training.
- June 11, 2024
- 02:12 PM
- 0
-
Hackers exploit LiteSpeed Cache flaw to create WordPress admins
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.
- May 07, 2024
- 05:42 PM
- 0
-
Reddit down in major outage blocking access to web, mobile apps
Reddit is investigating a major outage blocking users worldwide from accessing the social network's websites and mobile apps.
- April 25, 2024
- 01:26 PM
- 0
-
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites
A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin.
- April 03, 2024
- 02:21 PM
- 3
-
Evasive Sign1 malware campaign infects 39,000 WordPress sites
A previously unknown malware campaign called Sign1 has infected over 39,000 websites over the past six months, causing visitors to see unwanted redirects and popup ads.
- March 21, 2024
- 11:56 AM
- 0
-
Joomla fixes XSS flaws that could expose sites to RCE attacks
Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on vulnerable websites.
- February 21, 2024
- 05:55 PM
- 0
-
Hackers steal data of 2 million in SQL injection, XSS attacks
A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting (XSS) attacks.
- February 06, 2024
- 02:00 AM
- 1
-
Major T-Mobile outage takes down account access, mobile app
A major T-Mobile outage is preventing customers from logging into their accounts and using the company's mobile app.
- January 11, 2024
- 06:21 PM
- 3
-
Over 150k WordPress sites at takeover risk via vulnerable plugin
Two vulnerabilities impacting the POST SMTP Mailer WordPress plugin, an email delivery tool used by 300,000 websites, could help attackers take complete control of a site authentication.
- January 11, 2024
- 04:54 PM
- 1
-
New Balada Injector campaign infects 6,700 WordPress sites
A new Balada Injector campaign launched in mid-December has infected over 6,700 WordPress websites using a vulnerable version of the Popup Builder campaign.
- January 11, 2024
- 12:44 PM
- 0
-
Europol warns 443 online shops infected with credit card stealers
Europol has notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases.
- December 22, 2023
- 09:50 AM
- 0
-
ALPHV ransomware site outage rumored to be caused by law enforcement
A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours.
- December 08, 2023
- 01:30 PM
- 0
-
WordPress fixes POP chain exposing websites to RCE attacks
WordPress has released version 6.4.2 that addresses a remote code execution (RCE) vulnerability that could be chained with another flaw to allow attackers run arbitrary PHP code on the target website.
- December 07, 2023
- 03:10 PM
- 0
-
Fake WordPress security advisory pushes backdoor plugin
WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with a malicious plugin.
- December 04, 2023
- 12:19 PM
- 4
-
WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks
The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database.
- November 14, 2023
- 06:32 PM
- 1
-
Hackers exploit critical flaw in WordPress Royal Elementor plugin
A critical severity vulnerability impacting Royal Elementor Addons and Templates up to version 1.3.78 is reported to be actively exploited by two WordPress security teams.
- October 16, 2023
- 03:08 PM
- 1
-
New WordPress backdoor creates rogue admin to hijack websites
A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site's activity.
- October 11, 2023
- 05:23 PM
- 8
0
-
Remove the Theonlinesearch.com Search Redirect
Filed Under: Adware -
Remove the Smartwebfinder.com Search Redirect
Filed Under: Adware -
How to remove the PBlock+ adware browser extension
Filed Under: Adware -
Remove the Toksearches.xyz Search Redirect
Filed Under: Adware -
Remove the Smashapps.net Search Redirect
Filed Under: Adware
-
Version: 5.1.5.1165M+ Downloads
-
Version: 1.33.07554,224 Downloads
-
Version: 0.8141,953 Downloads
-
Version: NA103,249 Downloads
-
Version: NA150,238 Downloads
