Tag: WordPress

Kirki CVE-2026-8206 password reset flaw leading to WordPress admin takeover.
Security News

Kirki CVE-2026-8206

Kirki 6.0.0 through 6.0.6 can let unauthenticated attackers route password reset links…

Brendan Smith
Brendan Smith
Editorial poster showing Steam profile comments feeding a WordPress malware backdoor on a web server.
Security News

Steam C2 Backdoor

GoDaddy says WordPress malware hides C2 data in Steam profile comments. Check…

Brendan Smith
Brendan Smith
WP Maps Pro CVE-2026-8732 WordPress administrator account creation risk
Security News

WP Maps Pro CVE-2026-8732

WP Maps Pro CVE-2026-8732 lets unauthenticated attackers create WordPress administrator accounts. Update…

Brendan Smith
Brendan Smith
Avada Builder WordPress plugin file read and SQL injection risk illustration
Security News

Avada Builder CVEs Put WordPress Sites at File Read and SQLi Risk

Avada Builder patched two WordPress vulnerabilities that could expose server files or…

Stephanie Adlam
Stephanie Adlam
FunnelKit checkout skimmer stealing WooCommerce payment data
Security News

FunnelKit Checkout Skimmer Hits WooCommerce Payment Pages

Attackers are abusing vulnerable FunnelKit/Funnel Builder installations to inject checkout skimmers into…

Stephanie Adlam
Stephanie Adlam
Burst Statistics WordPress plugin admin takeover risk poster
Security News

Burst Statistics CVE-2026-8181 Exploited for WordPress Admin Takeover

Attackers are exploiting CVE-2026-8181 in the Burst Statistics WordPress plugin. Update to…

Stephanie Adlam
Stephanie Adlam
ClickFix fake CAPTCHA trap delivers Vidar Stealer through PowerShell
Security News

ClickFix WordPress Attacks Push Vidar Stealer Malware

Australia warns that ClickFix attacks are abusing compromised WordPress sites and fake…

Stephanie Adlam
Stephanie Adlam
ManageWP phishing ads lure WordPress admins into a fake login trap
Security News

GoDaddy ManageWP Phishing Ads Target WordPress Admins

A paid-search phishing campaign is targeting GoDaddy ManageWP logins, turning one stolen…

Stephanie Adlam
Stephanie Adlam
Ad Fraud Campaign Scallywag Disrupted Following Peak 1.4M Requests per Day Traffic
Security News

WordPress Ad-Fraud Plugins and the Scallywag Operation

Cybersecurity researchers have found a large-scale ad fraud scheme called "Scallywag". It…

Stephanie Adlam
Stephanie Adlam
Critical RCE vulnerability affects thousands of WordPress sites
Security News

Critical RCE Vulnerability in GiveWP WordPress Plugin

A critical vulnerability has been discovered in the GiveWP WordPress plugin that…

Stephanie Adlam
Stephanie Adlam
WordPress Releases Patch for Critical Security Vulnerability
Security News

WordPress Critical Vulnerability Fixed in Patch 6.4.2

WordPress has rolled out version 6.4.2, addressing a critical remote code execution…

Stephanie Adlam
Stephanie Adlam
Phishing With Hacked Sites Gains Popularity
Cybersecurity LabsTroubleshooting

Phishing With Hacked Sites Becomes a Massive Menace

Threat actors started using compromised websites for phishing purposes much more frequently.…

Stephanie Adlam
Stephanie Adlam

AI Assistant

Hello! 👋 How can I help you today?