Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes

22 January 2022

In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer’s website were backdoored with malicious code in the first half of September 2021 with the goal of infecting further sites. The backdoor gave the attackers full administrative control over websites that used 40 themes and 53 plugins belonging to AccessPress Themes, a Nepal-based company that boasts of no fewer than 360,000 active website installations.

Read full article on The Hacker News

Date:

22 January 2022

Categorie(s):

NEWS

Tag(s):

Backdoors, Cyber Threats, Hacking, Plugins, Secrets

North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures25 April 2024
Two cuffed in Samourai Wallet crypto dirty money sting25 April 2024
Ransomware attack causes city street lights to “misbehave”25 April 2024
Google can’t seem to quit cookies, delays killing them again25 April 2024
Analyze Malicious Powershell Scripts by Running Malware in ANY.RUN Sandbox25 April 2024