TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal
A fresh module aims to compromise remote desktop accounts to access corporate resources. Continue reading TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal
Category Archives: plugin
New Sonatype Scan Gradle Plugin
Sonatype has an ongoing commitment to the Open Source community to keep software developers aware of the components in their applications (Bill of Materials/BOM) and any known vulnerabilities they may contain. We are constantly developing and rele… Continue reading New Sonatype Scan Gradle Plugin
Free trojanized WordPress themes lead to widespread compromise of web servers
Over 20,000 web servers (and who knows how many websites) have been compromised via trojanized WordPress themes to deliver malware through malicious ads, Prevailion researchers have discovered. The compromised servers are located across the globe and m… Continue reading Free trojanized WordPress themes lead to widespread compromise of web servers
WordPress sites hacked through defunct Rich Reviews plugin
An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and–worst of all–malware designed to in… Continue reading WordPress sites hacked through defunct Rich Reviews plugin
WordPress sites hacked through defunct Rich Reviews plugin
An estimated 16,000 websites are believed to be running a vulnerable and no-longer-maintained WordPress plugin that can be exploited to display pop-up ads and redirect visitors to webpages containing porn, scams, and–worst of all–malware de… Continue reading WordPress sites hacked through defunct Rich Reviews plugin
Attackers are exploiting vulnerable WP plugins to backdoor sites
A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the vulnerable installations, Wordfence’s Mikey Veenstra warns. The attacks T… Continue reading Attackers are exploiting vulnerable WP plugins to backdoor sites
WordPress sites are being backdoored with rogue admin users
A malvertising campaign has evolved to give hackers control of entire sites. Continue reading WordPress sites are being backdoored with rogue admin users
How a Surf Loving Aussie Developed Sonatype’s Most Popular Extension
The first thing you need to know about Sonatype is this: the rumors are true.
The post How a Surf Loving Aussie Developed Sonatype’s Most Popular Extension appeared first on Security Boulevard.
Continue reading How a Surf Loving Aussie Developed Sonatype’s Most Popular Extension
Application News – Application Security Weekly #68
WordPress Plugin WP Statistics Patches XSS Flaw, Three RCEs in Android’s Media framework, Nine Best Practices For Integrating Application Security Testing Into DevOps, 6 Traits That Define DevSecOps, and much more! News Bugs, Breaches, and Mo… Continue reading Application News – Application Security Weekly #68
Irked Researcher Discloses Facebook WordPress Plugin Flaws
Researchers at Plugin Vulnerabilities cite grudge and irresponsibly disclose bugs in two WordPress plugins from Facebook. Continue reading Irked Researcher Discloses Facebook WordPress Plugin Flaws