Dark Reading

'Etherhiding' Blockchain Technique Masks Malicious Code in WordPress Sites

A threat actor has been abusing proprietary blockchain technology to hide malicious code in a campaign that uses fake browser updates to spread various malware, including the infostealers RedLine, ...
Dark Reading

Critical WordPress Plug-in RCE Bug Exposes Reams of Websites to Takeover

A critical unauthenticated remote control execution (RCE) bug in a backup plug-in that's been downloaded more than 90,000 times exposes vulnerable WordPress sites to takeover — another example of the ...