Security News > 2024 > March > Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites

2024-03-12 09:15
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code. According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks. "These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024," security researcher
News URL
https://thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html
Related news
- Hackers exploit WordPress plugin auth bypass hours after disclosure (source)
- Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals (source)
- OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws (source)
- Hackers exploit OttoKit WordPress plugin flaw to add admin accounts (source)
- ⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams (source)
- Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery (source)