Malicious actors have exploited security flaws in the WordPress Content Management System to launch a major malvertising campaign. Israeli cybersecurity firm Check Point was first to identify this operation and suggests that it could be responsible for as many as 40,000 attempted infections each week. According to Check Point, the… Read more »
It’s now seven months since researchers notified WordPress that its CMS contained a vulnerability that allows a user with limited privileges to deploy the ‘thumbnail delete’ function to take control of a website. So far, WordPress has failed to issue a fix; despite the fact that a malicious party –… Read more »
US security firm Sucuri has detected that nearly 5,500 sites managed through popular CMS WordPress have been contaminated with malicious cryptojacking script loaded from the cloudflare.solutions domain (which, it should be noted, is nothing to do with Cloudflare). This keylogger can record every keystroke made by the user and also… Read more »
It’s bad news when you try to sort out a problem and the solution just makes matters worse. WordPress, the world’s most popular CMS and supporter of 60 million websites (28% of the total number), now knows this only too well. Back in September, WordPress issued a fix to rectify… Read more »