SecBoard
Zurück zur Übersicht
ManagerRed-Teamer

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

The Hacker News·
Originalartikel lesen bei The Hacker News

An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site administrator was logged in as the file loaded, the code created an admin account under the attacker's...

MITRE ATT&CK Kill Chain (1 Techniken)

Execution
T1059.007

JavaScript

Vollständigen Artikel lesen bei The Hacker News

Verwandte Artikel

Chinese Hackers Target Medical, Military, and AI Research in North America

SecurityWeek·vor 39 Minuten

Vibe coders are gonna vibe code: How CISOs are tackling code sprawl

BleepingComputer·vor etwa 1 Stunde

Chinese hackers breach REDCap servers, steal medical research

BleepingComputer·vor etwa 1 Stunde

NewCore Emerges From Stealth Mode With $66 Million in Funding

SecurityWeek·vor etwa 2 Stunden

Infinite Campus data breach affects 137,000 school staff accounts

BleepingComputer·vor etwa 2 Stunden