Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites | allinfosecnews.com

March 11, 2024, 7:55 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada Injector malware infected over 7100 WordPress sites using a vulnerable version of the Popup Builder WordPress plugin. Sucurity reported that on December 13th, the Balada Injector campaign started infecting […]

balada balada injector breaking news builder compromise cve cybercrime exploited exploiting flaw hackers hacking information security news injector it information security january malware old pierluigi paganini plugin popup researchers sucuri threat threat actors version vulnerability vulnerable wordpress wordpress plugin wordpress sites

More from securityaffairs.co / Security Affairs

NCSC: New UK law bans default passwords on smart devices 5 hours ago | securityaffairs.co

april ban bans breaking news +29

The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user … 7 hours ago | securityaffairs.co

access breaking news carriers communications +19

Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023 16 hours ago | securityaffairs.co

android apps breaking news google +14

Financial Business and Consumer Solutions (FBCS) data breach impacted 2M individuals 23 hours ago | securityaffairs.co

agency breach breaking news business +23

Cyber-Partisans hacktivists claim to have breached Belarus KGB 1 day, 3 hours ago | securityaffairs.co

access agency belarus belarus kgb +21

The Los Angeles County Department of Health Services disclosed a data breach 1 day, 4 hours ago | securityaffairs.co

breach breaking news cyber crime cybercrime +16

Multiple Brocade SANnav SAN Management SW flaws allow device compromise 1 day, 6 hours ago | securityaffairs.co

application area brocade brocade sannav +20

ICICI Bank exposed credit card data of 17000 customers 1 day, 16 hours ago | securityaffairs.co

bank banks breaking news card +19

Okta warns of unprecedented scale in credential stuffing attacks on online services 1 day, 22 hours ago | securityaffairs.co

access access management attacks availability +25

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Senior Security Engineer

@ Core10 | Nashville, Tennessee, United States - Remote

View on infosec-jobs.com

Security Operations Engineer I

@ Jamf | US Remote

View on infosec-jobs.com

IT Security ISSO Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States

View on infosec-jobs.com

Compliance Officer

@ Aspire Software | Canada - Remote

View on infosec-jobs.com

Security Operations Center (SOC) - AVP

@ Paytm | Noida, Uttar Pradesh

View on infosec-jobs.com