Hackers Compromised 3,300 Websites Using Plug-in Vulnerability | allinfosecnews.com

March 12, 2024, 2:54 a.m. | Balaji N

Cyber Security News cybersecuritynews.com

Attackers exploit an unpatched Popup Builder vulnerability (CVE-2023-6000) to inject malicious code into vulnerable websites’ “Custom JS or CSS” sections. The code redirects users to phishing sites or injects further malware, and the campaign has already infected over 3300 websites. Malicious code targets popup events (opening and closing) to manipulate popup behavior. Sometimes, attackers redirect […]

The post Hackers Compromised 3,300 Websites Using Plug-in Vulnerability appeared first on Cyber Security News.

attackers builder campaign code compromised css cve cyber security events exploit hackers inject malicious malware phishing popup redirects technology unpatched vulnerability vulnerable websites

More from cybersecuritynews.com / Cyber Security News

LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 3 hours ago | cybersecuritynews.com

browser browser security capital dell +24

Path Traversal Vulnerability In Popular Android Apps Let Attackers Overwrite Files 3 hours ago | cybersecuritynews.com

aim android android apps android security +26

ArcaneDoor Hackers Who Exploited Cisco Firewall Zero-Days Linked To China 3 hours ago | cybersecuritynews.com

access actor arcanedoor attacks +36

CISA Warns Of Hackers Actively Attacking GitLab Password Reset Vulnerability 3 hours ago | cybersecuritynews.com

access access control agency alert +28

NCSC Warns of Russian Hackers Attacking Critical National Infrastructure 4 hours ago | cybersecuritynews.com

alignment critical critical national infrastructure cyber +19

New macOS Adload Malware Bypasses Built-in macOS Antivirus Detection 7 hours ago | cybersecuritynews.com

adload antivirus apple authors +13

World Password Day 2024: Create Strong Passwords & Stay Safe Online 10 hours ago | cybersecuritynews.com

accounts cyber cyber security cyber threats +20

Beware! Threat Actors Selling RDP Access on Hacker Forums 11 hours ago | cybersecuritynews.com

access alert communities critical +28

Critical MailCleaner Vulnerabilities Let Attackers Execute arbitrary command 11 hours ago | cybersecuritynews.com

administrator attacker attackers command +17

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Principal Business Value Consultant

@ Palo Alto Networks | Chicago, IL, United States

View on infosec-jobs.com

Cybersecurity Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

Penetration Testing Engineer- Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700

View on infosec-jobs.com

Internal Audit- Compliance & Legal Audit-Dallas-Associate

@ Goldman Sachs | Dallas, Texas, United States

View on infosec-jobs.com

Threat Responder

@ Deepwatch | Remote

View on infosec-jobs.com