all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

Add to bookmarks
Oct. 11, 2023, 12:41 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector, nearly twice the number of detections in August.
Of these, 9,000 of the websites are said to have been infiltrated using a recently disclosed security flaw in the tagDiv Composer plugin (CVE-2023-3169, CVSS score: 6.1) that could be exploited by unauthenticated users to

august balada balada injector compromised detections flaw injector malware security security flaw september websites wordpress

Visit resource

More from thehackernews.com / The Hacker News

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 3 hours ago | thehackernews.com
act and telecommunications april bans +23
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 16 hours ago | thehackernews.com
access accounts address android +20
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale 19 hours ago | thehackernews.com
actor china cloud cloud security +22
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM 22 hours ago | thehackernews.com
adoption attackers challenge cyber +21
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks 22 hours ago | thehackernews.com
actor attacks code code execution +22
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover 23 hours ago | thehackernews.com
access adversary code code execution +18
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks 1 day, 19 hours ago | thehackernews.com
access access management attacks availability +16
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw 2 days, 20 hours ago | thehackernews.com
attack attack chain cobalt cobalt strike +19
Bogus npm Packages Used to Trick Software Developers into Installing Malware 3 days, 3 hours ago | thehackernews.com
backdoor bogus campaign cybersecurity +25

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Identity and Access Management Architect (80-100% | Hybrid option)

@ Swiss Re | Madrid, M, ES
View on infosec-jobs.com

Alternant - Consultant HSE (F-H-X)

@ Bureau Veritas Group | MULHOUSE, Grand Est, FR
View on infosec-jobs.com

Senior Risk/Cyber Security Analyst

@ Baker Hughes | IN-KA-BANGALORE-NEON BUILDING WEST TOWER
View on infosec-jobs.com

Offensive Security Engineer (University Grad)

@ Meta | Bellevue, WA | Menlo Park, CA | Seattle, WA | Washington, DC | New York City
View on infosec-jobs.com

Senior IAM Security Engineer

@ Norfolk Southern | Atlanta, GA, US, 30308
View on infosec-jobs.com
View more jobs