WordPress Yuzo Related Posts plugin vulnerability massively exploited.

Hackers are currently actively exploiting a vulnerability in the WordPress Related Posts plugin, which has 60,000+ active installations.

Posted on January 3, 2017July 29, 2018
Malware

Hackers targeting web hosts customer accounts.

Companies such as web hosts, registrars and CDNs have become a prime target for hackers. Because they host your DNS, hackers can alter them and reroute…

Posted on February 9, 2016July 29, 2018
Malware

Malicious plugins hosted in the WordPress Plugin repository.

While cleaning-up an infected server today, I came across this plugin: Breadcrumb shortcode (slug: breadcrumbs-ez). It was downloaded from the WordPress official repository but it had…

Posted on December 16, 2015July 29, 2018
Malware

Fake WordPress plugin repository distributing malware.

We mentioned a few weeks ago fake WordPress websites used by hackers to distribute malware via malicious plugins installed on their victims blog. Hackers have lately…

Posted on October 27, 2015May 3, 2019
Malware

Fake wordpress-update.com site used to distribute malware via malicious plugins.

In recent days, we have worked on several infected WordPress websites that all had the particularity of having the same malicious plugin installed: Hackers gained access…