WordPress plugin detected a backdoor
WordPress plugin detected a backdoor
The backdoor was contained in the fake X-WP-SPAM-SHIELD-PRO plugin
An unknown hacker introduced a backdoor into the source code of the WordPress plugin that masquerades as an anti-spam tool called X-WP-SPAM-SHIELD-PRO.
Apparently, the attacker tried to use the reputation of a ...
Magento fix 35 vulnerabilities in two products
The WordPress plugin “Display Widgets” distributes malware
On September 14, Magento, developing the same-name online store management system, released updates for Magento Commerce and Magento Open Source, eliminating numerous vulnerabilities, in particular, a critically serious remote code execution error.
In summary, ...
The WordPress plugin “Display Widgets” distributes malware
The plug-in “Display Widgets”, numbering more than 200 thousand installations, was finally removed from the plug-ins directory to WordPress after a series of incidents, which resulted in the substitution of malicious code for new releases.
This code was a backdoor allowing ...
FTP is not safe, now Chrome will warn you about this
The Chrome browser from Google info-icon will soon be flagging services that use the FTP protocol as unsafe. This was reported yesterday by Google employee, a member of the security team of Chrome, Mike West (Mike West).
“As part of our ...
Google Chrome warns users about MitM-attacks
The experimental function is already available for testing.
A new security feature will appear in the Google Chrome 63 browser, which will detect a “man in the middle” (MitM) attacks by third-party software.
MitM-attacks are used to intercept web-traffic of ...
Detected critical vulnerability in Apache Struts
The update of the Apache Struts 2.5.13 web framework, used to create Java web applications using the Model-View-Controller paradigm, is published. The release includes a critical vulnerability fix (CVE-2017-9805) that allows you to run code on the server side.
The attack ...