WordPress plugin detected a backdoor

WordPress plugin detected a backdoor

The backdoor was contained in the fake X-WP-SPAM-SHIELD-PRO plugin
An unknown hacker introduced a backdoor into the source code of the WordPress plugin that masquerades as an anti-spam tool called X-WP-SPAM-SHIELD-PRO.

Apparently, the attacker tried to use the reputation of a ...

Magento fix 35 vulnerabilities in two products

The WordPress plugin “Display Widgets” distributes malware
On September 14, Magento, developing the same-name online store management system, released updates for Magento Commerce and Magento Open Source, eliminating numerous vulnerabilities, in particular, a critically serious remote code execution error.

In summary, ...

The WordPress plugin “Display Widgets” distributes malware

The plug-in “Display Widgets”, numbering more than 200 thousand installations, was finally removed from the plug-ins directory to WordPress after a series of incidents, which resulted in the substitution of malicious code for new releases.

This code was a backdoor allowing ...

FTP is not safe, now Chrome will warn you about this

The Chrome browser from Google info-icon will soon be flagging services that use the FTP protocol as unsafe. This was reported yesterday by Google employee, a member of the security team of Chrome, Mike West (Mike West).

“As part of our ...

Google Chrome warns users about MitM-attacks

The experimental function is already available for testing.
A new security feature will appear in the Google Chrome 63 browser, which will detect a “man in the middle” (MitM) attacks by third-party software.
MitM-attacks are used to intercept web-traffic of ...

Detected critical vulnerability in Apache Struts

The update of the Apache Struts 2.5.13 web framework, used to create Java web applications using the Model-View-Controller paradigm, is published. The release includes a critical vulnerability fix (CVE-2017-9805) that allows you to run code on the server side.

The attack ...

Skip to content