all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Compromised plugins found on WordPress.org

Add to bookmarks
June 26, 2024, 8:32 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them complete control over WordPress installations / websites. “In addition, it appears the threat actor also injected malicious JavaScript into the footer of websites that appears to add SEO spam throughout the website,” Wordfence researchers noted. The compromised plugins The backdoored plugins have collectively been downloaded by 35,000+ WordPress users. … More →


The post …

account actor addition admin backdoor code compromised control don't miss effectively found hot stuff javascript malicious org plugin plugins seo seo spam spam supply chain compromise threat threat actor websites wordfence wordpress wordpress plugins

Visit resource

More from www.helpnetsecurity.com / Help Net Security

USX Cyber GUARDIENT helps MSPs protect their clients 23 hours ago | www.helpnetsecurity.com
addresses and response businesses clients +28
CISOs becoming more comfortable with risk levels 1 day, 3 hours ago | www.helpnetsecurity.com
business ceo ciso cisos +12
Leveraging AI and automation for enhanced security operations 1 day, 3 hours ago | www.helpnetsecurity.com
address ai and automation amp artificial intelligence +33
Web scraping is not just a security or fraud problem 1 day, 4 hours ago | www.helpnetsecurity.com
akamai bot bots business +17
New infosec products of the week: June 28, 2024 1 day, 4 hours ago | www.helpnetsecurity.com
and response apm application application performance +31
Largest Croatian hospital under cyberattack 1 day, 20 hours ago | www.helpnetsecurity.com
attack critical infrastructure croatia cyberattack +20
Lastwall Quantum Shield delivers protection against Q-Day threats 1 day, 21 hours ago | www.helpnetsecurity.com
bear blue campaigns capital +23
PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) 1 day, 22 hours ago | www.helpnetsecurity.com
critical cve cve-2024 don't miss +22
Datadog LLM Observability secures generative AI applications 1 day, 22 hours ago | www.helpnetsecurity.com
accelerate application application developers applications +23

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Ingénieur Développement Logiciel IoT H/F

@ Socomec Group | Benfeld, Grand Est, France
View on infosec-jobs.com

Architecte Cloud – Lyon

@ Sopra Steria | Limonest, France
View on infosec-jobs.com

Senior Risk Operations Analyst

@ Visa | Austin, TX, United States
View on infosec-jobs.com

Military Orders Writer

@ Advanced Technology Leaders, Inc. | Ft Eisenhower, GA, US
View on infosec-jobs.com

Senior Golang Software Developer (f/m/d)

@ E.ON | Essen, DE
View on infosec-jobs.com

Senior Revenue Operations Analyst (Redwood City)

@ Anomali | Redwood City, CA
View on infosec-jobs.com