The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
SecurityWeek

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Authorities announced taking down 106 SocGholish botnet C&C servers and domains, and cleaning up 15,000 WordPress websites.

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Bleeping Computer

Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp

International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian ...
Infosecurity Magazine

Attackers Hijack Popular WordPress Plugins to Deploy Backdoors

Attackers have hijacked the code behind several popular WordPress plugins to plant hidden backdoors and rogue administrator ...

WordPress Plugins: Supply Chain Attack Puts 1.2 Million Sites at Risk

In a supply chain attack, attackers install backdoors through the WordPress plugins OptinMonster, TrustPulse, and PushEngage.
The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...
The Tech Edvocate

How to defer JavaScript loading WordPress

Spread the love“`html 1. Understanding JavaScript Loading JavaScript is a key component of modern web development, enabling interactive features and functionalities that enhance user experience.
GovInfoSecurity

Cybercrime Initial Access Service SocGholish Disrupted

Long-running initial access service provider SocGholish, tied to Russian cybercrime stalwart Evil Corp, has been disrupted by ...