WordPress Woes Continue Amid ClickFix Attacks, TDS Threats
Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams.
The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that's designed to distribute malicious content
Also: New Attack Threatens VPN User Privacy; Android Malware Targets FinlandThis week, LockBit claimed responsibility for an attack, British Columbia probed an attack, the "TunnelVision" flaw threatened VPN users' privacy, a CEO was sentenced for a scam, attackers exploited a WordPress plug-in flaw, Zscaler probed a breach and Finland warned about Android malware scams.
A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites
Attackers use scam security checks to steal victims' government documents, photos, banking information, and email passwords, researchers warn.
Reverse-engineered code redirects visitors to dodgy corners of the internet A years-long campaign by miscreants to insert malicious JavaScript into vulnerable WordPress sites, so that visitors are redirected to scam websites, has been documented by reverse-engineers.…
Cybersecurity researchers have disclosed a massive campaign that's responsible for injecting malicious JavaScript code into compromised WordPress websites that redirects visitors to scam pages and other malicious websites to generate illegitimate traffic