Security News

WordPress admins, take note: RCE and password reset vulnerabilities revealed (Help Net Security)
2017-05-04 18:59

Independent security researcher Dawid Golunski has released a proof-of-concept exploit code for an unauthenticated remote code execution vulnerability in WordPress 4.6 (CVE-2016-10033), and...

Unpatched WordPress Password Reset Vulnerability Lingers (Threatpost)
2017-05-04 16:46

A zero day vulnerability exists in WordPress Core that in some instances, could allow an attacker to reset a user's password and in turn, gain access to their account.

Unpatched Wordpress Flaw Could Allow Hackers To Reset Admin Password (The Hackers News)
2017-05-04 11:11

WordPress, the most popular CMS in the world, is vulnerable to a logical vulnerability that could allow a remote attacker to reset targeted users’ password under certain circumstances. The...

Unpatched WordPress Password Reset Flaw Disclosed (SecurityWeek)
2017-05-04 09:03

WordPress Attacks Powered by Router Botnet Drop Rapidly (SecurityWeek)
2017-05-03 10:18

Thousands of Hacked Routers Used for WordPress Attacks (SecurityWeek)
2017-04-12 16:32

Is Your Router Helping Criminals Attack WordPress Sites? (Forbes)
2017-04-12 12:48

Sathurbot Botnet Targets WordPress Accounts (SecurityWeek)
2017-04-07 19:18

20,000-bots-strong Sathurbot botnet grows by compromising WordPress sites (Help Net Security)
2017-04-07 15:40

A 20,000-bots-strong botnet is probing WordPress sites, trying to compromise them and spread a backdoor downloader Trojan called Sathurbot as far and as wide as possible. Sathurbot: A versatile...

Fake SEO Plugin Used In WordPress Malware Attacks (Threatpost)
2017-04-03 16:29

Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.