Bleeping Computer

Over 6,000 WordPress sites hacked to install plugins pushing infostealers

WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing ...
Ars Technica

Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack

WordPress plugins running on as many as 36,000 websites have been backdoored in a supply-chain attack with unknown origins, security researchers said on Monday. So far, five plugins are known to be ...
TechRadar

Thousands of WordPress websites hacked via plugin looking to steal user data

A new variant of the infamous ClearFake (AKA ClickFix) malware has been detected in the wild, and has already managed to compromise thousands of WordPress website builder sites. Researchers from ...
TechRadar

This WordPress plugin grants hackers 'ultimate' admin access to your site

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Thousands of WordPress sites could be at risk as a vulnerability in the Ultimate Member plugin ...