WordFence – Page 2 – WindowsTechs.com

Nearly a million WordPress sites targeted in extensive attacks

Posted on May 6, 2020 by Zeljka Zorz

A threat actor is actively trying to insert a backdoor into and compromise WordPress-based sites to redirect visitors to malvertising. “While our records show that this threat actor may have sent out a smaller volume of attacks in the past, it’s … Continue reading Nearly a million WordPress sites targeted in extensive attacks→

WordPress Plugin Bug Opens 100K Websites to Compromise

Posted on April 28, 2020 by Tara Seals

Legions of website visitors could be infected with drive-by malware, among other issues, thanks to a CSRF bug in Real-Time Search and Replace. Continue reading WordPress Plugin Bug Opens 100K Websites to Compromise→

Cookie-nabbing app could have served users side helping of XSS

Posted on February 14, 2020 by Danny Bradbury

A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks. Continue reading Cookie-nabbing app could have served users side helping of XSS→

WordPress sites hit by malvertising

Posted on November 7, 2019 by Danny Bradbury

An old piece of malware is storming the WordPress community, enabling its perpetrators to take control of sites and inject code of their choosing. Continue reading WordPress sites hit by malvertising→

Hackers are infecting WordPress sites via a defunct plug-in

Posted on September 26, 2019 by Danny Bradbury

If you’re a Wordpress admin using a plug-in called Rich Reviews, you’ll want to uninstall it. Now. Continue reading Hackers are infecting WordPress sites via a defunct plug-in→

WordPress Plugins Anchor Widespread Malvertising, Rogue Backdoor Campaign

Posted on September 3, 2019 by Tara Seals

An ongoing attack on websites has added new exploits and an administrative backdoor to its bag of tricks. Continue reading WordPress Plugins Anchor Widespread Malvertising, Rogue Backdoor Campaign→

Attackers are exploiting vulnerable WP plugins to backdoor sites

Posted on September 3, 2019 by Zeljka Zorz

A group of attackers that has been injecting WordPress-based sites with a script redirecting visitors to malicious and fraudulent pages has now also started backdooring the vulnerable installations, Wordfence’s Mikey Veenstra warns. The attacks T… Continue reading Attackers are exploiting vulnerable WP plugins to backdoor sites→

WordPress sites are being backdoored with rogue admin users

Posted on September 2, 2019 by John E Dunn

A malvertising campaign has evolved to give hackers control of entire sites. Continue reading WordPress sites are being backdoored with rogue admin users→

Update now! WordPress abandoned cart plugin under attack

Posted on March 13, 2019 by John E Dunn

Hackers have been spotted targeting websites running unpatched versions of the WordPress plugin Abandoned Cart for WooCommerce. Continue reading Update now! WordPress abandoned cart plugin under attack→

Massive botnet chews through 20,000 WordPress sites

Posted on December 10, 2018 by Danny Bradbury

Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords. Continue reading Massive botnet chews through 20,000 WordPress sites→