Security News > 2024 > December > 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
2024-12-13 20:00
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to "mysterious unattributed threat") by Datadog Security Labs, that
News URL
https://thehackernews.com/2024/12/390000-wordpress-credentials-stolen-via.html
Related news
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- 15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials (source)
- LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers (source)
- Fake LDAPNightmware exploit on GitHub spreads infostealer malware (source)
- Cisco warns of denial of service flaw with PoC exploit code (source)
- GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs (source)
- Clone2Leak attacks exploit Git flaws to steal credentials (source)
- Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)