Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.

WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.
Agence France-Presse

The Open Group Launches the Open Footprint® Standard, Edition 1.0 to Streamline Scope 1, 2, and 3 Emissions Management

The Open Group, the vendor-neutral technology and standards organization, today announced the release of the Open Footprint ® Standard, Edition 1.0, that will help organizations streamline scope 1, 2, ...
The Hacker News

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited ...
TechRound

How Did Cybercriminals Use Fake New York Times Pages To Scam Users?

Researchers at Comparitech want to understand the systems working behind spam emails that promise some sort of reward, ...
Searchenginejournal.com

WordPress 7.0 Launches With Native AI Integration

After weeks of delay, WordPress 7.0, named Armstrong, is finally released. The centerpiece feature was supposed to be real-time collaboration (RTC) but what is shipping is bigger: Native AI ...
Printed Circuit Design & Fab Online Magazine

AI Boom Sparks PCB Materials Warning

Vendors are shifting capacity from traditional PCB materials to advanced dielectrics. They should be increasing both. I have some good news, and some bad news. (Spoiler alert: This should be a wake-up ...
SecurityWeek

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

Threat actors are exploiting vulnerabilities in Joomla and the LiteSpeed cPanel plugin for code execution and privilege ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
ProPublica

ProPublica — Investigative Journalism and News in the Public Interest

Oil tycoon Jeffery Hildebrand gave millions to Donald Trump’s 2024 election campaign. He is set to reap a financial windfall as the EPA moves to weaken restrictions on wells like his that produce very ...
Infosecurity Magazine

Attackers Hijack Popular WordPress Plugins to Deploy Backdoors

Attackers have hijacked the code behind several popular WordPress plugins to plant hidden backdoors and rogue administrator ...