(Adobe Stock)
Malware enabling rogue admin account creation has been injected into five WordPress plugins with more than 30,000 cumulative downloads as part of a software supply chain attack that commenced on Friday, The Hacker News reports.
Aside from establishing malicious admin accounts with the “Options” and “PluginAuth” usernames enabling the exfiltration of account details to the IP address 94.156.79[.]8, attackers also conducted malicious JavaScript code injections to infect targeted websites with search engine optimization spam, a Wordfence report revealed. Most prevalent of the compromised plugins were Social Warfare versions 4.4.6.4 – 4.4.7.1, followed by Simply Show Hooks version 1.2.1, Wrapper Link Element versions 1.0.2 – 1.0.3, Contact Form 7 Multi-Step Addon versions 1.0.4 – 1.0.5, and Blaze Widget versions 2.2.5 – 2.5.2. All of the affected plugins have already been removed from the WordPress plugin directory but only Social Warfare has issued a new version addressing the issue. Immediate deletion of the plugins has also been recommended to website admins.
SC Staff
Cyberattacks thwarted by BlackBerry cybersecurity solutions during the first three months of 2024 totaled 3.1 million, including 630,000 intrusions that involved new malware samples, which is a 40% increase over the last quarter of 2023, SiliconAngle reports.
SC Staff
Election interference operations could still be escalated by Russia as it seeks to undermine UK and U.S. support for Ukraine
Shaun Nichols
Researchers with Google’s security arm say they have been dealing with a particularly nasty Chinese disinformation group responsible for hundreds of thousands of malicious accounts.
On-Demand Event
On-Demand Event
On-Demand Event
By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.
Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.
Your use of this website constitutes acceptance of CyberRisk Alliance Privacy Policy and Terms & Conditions.
Leave a Reply