Security News > 2017 > February > Tens of thousands WordPress sites defaced, SEO spam to follow (Help Net Security)

Attackers are actively exploiting the recently patched unauthenticated privilege escalation vulnerability in WordPress’ REST API to deface websites. Sucuri, the company that discovered the flaw and responsibly reported it to the WordPress security team, spotted four distinct defacement campaigns in the 48 hours after the existence of the bug was publicly revealed. Three of them have had limited impact, but one – “signed” by someone that goes by “w4l3XzY3” – has resulted in the compromise … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/1sqAQBNsy-c/