Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites
WordPress is a content management platform whose core, plugins, and themes can contain vulnerabilities that expose websites, accounts, and data.
Search across headline titles and summaries.
Background for this topic.
WordPress is an open-source content management system (CMS) used to publish and manage websites. A site typically combines WordPress core with independently developed plugins and themes, which extend functionality but create a diverse and changing software supply chain. Its security therefore depends not only on the core software, but also on the quality, maintenance, and configuration of those extensions.
Security-relevant issues include exploitable vulnerabilities in core, plugins, or themes; weak or reused administrator credentials; and exposed or poorly configured administrative and API interfaces. Attackers may use these paths to alter content, install malicious code, or access site data. Administrators should track advisories and affected versions, apply updates through a controlled process, remove unsupported extensions, enforce strong authentication and least privilege, and keep protected, tested backups. Monitoring and log review help identify unauthorized changes and support recovery when compromise is suspected.
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites
International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian cybercrime group. [...]
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor's official update system. [...]
An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research
New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and data extortion group Vice Society.
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN). [...]
Tampered OptinMonster and sister plugins plant hidden backdoors on 1.2 million WordPress sites
An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites
Attackers compromised Awesome Motive CDN files, backdooring WordPress sites running OptinMonster, TrustPulse, and PushEngage. Sansec researchers discovered an active supply chain attack hitting WordPress sites running OptinMonster, TrustPulse, and PushEngage, three plugins operated by Awesome Motive, one of the largest WordPress plugin companies in the world. The malicious JavaScript wasn’t sitting on any victim’s server. […]