The Hacker News

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting ...
it-daily.net

Kritische Sicherheitslücke in Joomla JCE aktiv ausgenutzt

Die US-Behörde CISA warnt vor einer kritischen Schwachstelle im Joomla Content Editor. Angreifer können unauthentifiziert ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.

Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
B2B Cyber Security

1,2 Mill. Seiten in Gefahr: Supply-Chain-Angriff auf WordPress Business-Plugins

Forscher des Forensics Team von Sansec berichtet über einen aktiven Supply-Chain-Angriff auf die WordPress-Plugins ...
Security Boulevard

SmartApeSG Launches Okendo Reviews Supply Chain Attack

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
it-daily.net

Hacker manipulieren populäre WordPress-Plugins

Ein Angreifer hat JavaScript-Dateien von drei WordPress-Plugins manipuliert, um unbemerkt administrative Hintertüren auf ...