plugins

  • Blog
    digitpatrox2 weeks ago
    23

    Hunk Companion WordPress plugin exploited to install vulnerable plugins

    Hackers are exploiting a critical vulnerability in the “Hunk Companion” plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing outdated plugins with known vulnerabilities with available exploits, the attackers can access a large pool of flaws that lead to remote code execution (RCE), SQL injection, cross-site scripting (XSS) flaws, or create backdoor admin…

    Read More »
  • Blog
    digitpatroxOctober 21, 2024
    57

    Over 6,000 WordPress hacked to install plugins pushing infostealers

    WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing malware has become a scourge to security defenders worldwide as stolen credentials are used to breach networks and steal data. Since 2023, a malicious campaign called ClearFake has been used to display fake web browser…

    Read More »
Back to top button
close