How hackers install and hide rogue plugins on your WordPress blog.
A while back, I explained how hackers created hidden admin users after hacking a WordPress blog. In this post, we will see how they upload and hide rogue plugins.
Category: Malware
When some developers of WordPress plugin and theme go rogue.
While cleaning-up a hacked WordPress site, we found that some malicious code was added to the theme by its developers.
WordPress Yuzo Related Posts plugin vulnerability massively exploited.
Hackers are currently actively exploiting a vulnerability in the WordPress Related Posts plugin, which has 60,000+ active installations.
Hackers targeting web hosts customer accounts.
Companies such as web hosts, registrars and CDNs have become a prime target for hackers. Because they host your DNS, hackers can alter them and reroute…
Malicious plugins hosted in the WordPress Plugin repository.
While cleaning-up an infected server today, I came across this plugin: Breadcrumb shortcode (slug: breadcrumbs-ez). It was downloaded from the WordPress official repository but it had…