Security News > 2024 > December > 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
2024-12-13 20:00
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to "mysterious unattributed threat") by Datadog Security Labs, that
News URL
https://thehackernews.com/2024/12/390000-wordpress-credentials-stolen-via.html
Related news
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- 15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials (source)
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- Fake LDAPNightmware exploit on GitHub spreads infostealer malware (source)