WordPress membership plugin bug exploited to create admin accounts

Hackers are exploiting a critical vulnerability in the User Registration & Membership plugin, which is installed on more than ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Infosecurity-magazine.com

Compromised WordPress Sites Deliver ClickFix Attacks in Global Infostealer Campaign

A widespread cyber-criminal campaign has compromised legitimate WordPress websites to infect visitors with infostealer malware, threat researchers at Rapid 7 have warned. The global operation has ...

Hackers hijack WordPress sites to spread malware using fake CAPTCHA

A ClickFix attack can come in all shapes and sizes, including through compromised WordPress websites.

Hackers exploiting WordPress membership plugin bug to create admin accounts

A popular WP plugin can be abused to take over websites and thousands of sites are vulnerable.