The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
SecurityWeek

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Authorities announced taking down 106 SocGholish botnet C&C servers and domains, and cleaning up 15,000 WordPress websites.

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Infosecurity Magazine

Attackers Hijack Popular WordPress Plugins to Deploy Backdoors

Attackers have hijacked the code behind several popular WordPress plugins to plant hidden backdoors and rogue administrator ...

WordPress Plugins: Supply Chain Attack Puts 1.2 Million Sites at Risk

In a supply chain attack, attackers install backdoors through the WordPress plugins OptinMonster, TrustPulse, and PushEngage.
Bleeping Computer

Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp

International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian ...
The Tech Edvocate

How to defer JavaScript loading WordPress

Spread the love“`html 1. Understanding JavaScript Loading JavaScript is a key component of modern web development, enabling interactive features and functionalities that enhance user experience.
Dark Reading

SocGholish Takedown Highlights Malicious TDS Threats

SocGholish uses traffic distribution systems (TDSs) to provide initial access into victims' networks for cybercrime groups ...
GovInfoSecurity

Cybercrime Initial Access Service SocGholish Disrupted

Long-running initial access service provider SocGholish, tied to Russian cybercrime stalwart Evil Corp, has been disrupted by ...