Security News

20,000-bots-strong Sathurbot botnet grows by compromising WordPress sites (Help Net Security)
2017-04-07 15:40

A 20,000-bots-strong botnet is probing WordPress sites, trying to compromise them and spread a backdoor downloader Trojan called Sathurbot as far and as wide as possible. Sathurbot: A versatile...

Fake SEO Plugin Used In WordPress Malware Attacks (Threatpost)
2017-04-03 16:29

Malware that passes itself off as a WordPress SEO plugin has been infecting sites and opening a backdoor for hackers on thousands of sites.

Fake SEO plugin backdoors WordPress installations (Help Net Security)
2017-04-03 15:33

Administrators of WordPress sites, beware! A fake SEO plugin is being used by attackers to compromise WP installations. The plugin in question is named WP-Base-SEO, and is a forgery of a...

WordPress Content Injection Flaw Makes XSS Bug More Severe (SecurityWeek)
2017-03-15 10:39

WordPress REST API Bug Could Be Used in Stored XSS Attacks (Threatpost)
2017-03-14 15:43

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks.

WordPress 4.7.3 Patches Half-Dozen Vulnerabilities (Threatpost)
2017-03-07 20:40

WordPress released version 4.7.3 which patches six vulnerabilities including one that could be chained with the REST API Endpoint vulnerability.

Six Flaws Patched With Release of WordPress 4.7.3 (SecurityWeek)
2017-03-07 08:40

Put down the coffee, stop slacking your app chaps or whatever and patch Wordpress (The Register)
2017-03-07 01:55

Ask a Security Professional: WordPress Database Security Part Two — Best Practices (InfoSecIsland)
2017-03-02 14:30

By following WordPress database security best practices, you become a better WordPress admin and a more effective guardian of the data in your website.

WordPress photo plugin opens 'a million sites' to SQLi database feasting (The Register)
2017-03-01 21:24