You searched for Wordpress | SC Media

Your search for Wordpress returned 247 results

Your search for Wordpress returned 247 results

Sort Results:

Relevant Recent
Privacy & Compliance News and Analysis, Security News, Website/Web Server Security

WordPress GDPR Cookie Consent plugin patched

A patch released this week for WordPress GDPR Cookie Consent plugin used by more than 700,000 websites fixed critical vulnerabilities that would let attackers change and delete content as well as inject malicious JavaScript code. The GDPR Cookie Consent plugin aids sites in complying with EU GDPR/Cookie Law regulations and is maintained by WebToffee. Noting…
Malware, Security News

Malware redirecting visitors found on 2,000 WordPress sites

More than 2,000 WordPress sites have been infected with malicious JavaScript that redirects visitors to scam websites and sets the stage for additional malware to be downloaded at a later time. The Sucuri team said access is gained to WordPress sites through plugin vulnerabilities, including Simple Fields and CP Contact Form with PayPal. A large…
Network Security, Security News

Mushtik botnet now shopping for Tomato routers

A new variant of the Mushtik botnet has been found attacking routers using the open-source Tomato router firmware with about 4.600 routers currently exposed on the internet. Musthtik has been operating since March 2018 using a worm-like propagating ability to infect and harvest Linux servers and IoT devices. The good news is the new variant…
Features, Security News

2019 Data breaches

Data on 92M Brazilians found for sale on underground forums  In October 92 million Brazilians had their name, birth date, mother’s name, gender and tax details including taxpayer IDs exposed contained in a Brazilian government 16GB SQL database was found for sale on a dark web forum.  DoorDash data breach hits 4.9 million customers, merchants and…
Security News, Vulnerabilities

WordPress patches four security vulnerabilities

WordPress has pushed out version 5.3.1 patching four security issues. WordPress versions 5.3 and earlier are affected and the company is recommending users download the new version, which is a short-cycle maintenance release and soon will be superseded by a full update when version 5.4 is released. The company did not make note of any…
Cybercrime, Malware, Security News

Researchers: WP-VCD malware is No. 1 in WordPress infections since August

Researchers at WordFence have eyed a recent uptick in attacks on WordPress involving WP-VCD backdoor malware. Since August 2019, no other WordPress-targeting malware has yielded a higher rate of new infections that WP-VCD, the company reported this week in a blog post and in-depth white paper. Such findings suggest that the malware, whose main purpose…
Security News, Vulnerabilities

WordPress patches 6 bugs

WordPress rolled out version 5.2.4 patching six vulnerabilities as a short-term fix prior to the release of version 5.3. WordPress version 5.2.3 and earlier are affected by these bugs. The problems covered included an issue where stored XSS could be added via the Customizer, a method of viewing unauthenticated posts, a way to create a…
Security News, Vulnerabilities

WordPress Rich Review plugin vulnerable to malvertising

An estimated 16,000 WordPress websites are running a plugin that is vulnerable to unauthenticated plugin option updates. WordFence, a WordPress security solution provider, has reported that the plugin Rich Reviews has a vulnerability that is currently being abused and can be exploited to deliver stored cross-site scripting (XSS) payloads. This can result in malvertisements being…
Variant of Emotet banking malware used in spam campaign
Malware, Security News

Emotet back in action

The Emotet botnet is back from a four-month vacation with a new spam campaign that began early on September 16. The initial burst of emails mainly targeted German, Polish, and Italian speakers with a sprinkling of English folks also receiving the emails with a subject line containing the phrase “payment remittance advice,” the Malwarebytes Threat…
Network Security, Security News, Vulnerabilities, Website/Web Server Security

WordPress update fixes assortment of XSS flaws

The developers of WordPress last week issued a short-cycle maintenance release for its content management system software, introducing 29 fixes and improvements. The new version, 5.2.3, remedies six issues that can enable cross-site scripting (XSS) attacks. These include XSS flaws found in post previews, stored comments and shortcode previews, and another XSS vulnerability that results…
Next post in Website/Web Server Security