Bleeping Computer

Over 6,000 WordPress sites hacked to install plugins pushing infostealers

WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing ...
Hosted on MSN

Top WordPress anti-spam plugin may actually be putting your site at risk of attack

Researchers found two flaws in a popular WordPress plugin Flaws allow threat actors to install malicious plugins and run arbitrary code A patch is already available, so WordPress users should update ...