The Hacker News | Biggest Information Security Channel

'SoakSoak' Malware Compromises 100,000 WordPress Websites

'SoakSoak' Malware Compromises 100,000 WordPress Websites

The users of WordPress , a free and open source blogging tool as well as content management syst...
Vulnerability in WPTouch WordPress Plugin Allows Hackers to Upload PHP backdoors

Vulnerability in WPTouch WordPress Plugin Allows Hackers to Upload PHP backdoors

If you own a mobile version for your Wordpress website using the popular WPtouch plugin, then yo...
Disqus Wordpress Plugin Flaw Leaves Millions of Blogs Vulnerable to Hackers

Disqus Wordpress Plugin Flaw Leaves Millions of Blogs Vulnerable to Hackers

A Remote code execution (RCE) vulnerability has been discovered in the comment and discussion se...
Zero-Day TimThumb WebShot Vulnerability leaves Thousands of Wordpress Blogs at Risk

Zero-Day TimThumb WebShot Vulnerability leaves Thousands of Wordpress Blogs at Risk

Yesterday we learned of a critical Zero-day vulnerability in a popular image resizing library ca...
Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

Multiple Serious vulnerabilities have been discovered in the most famous ‘ All In One SEO Pack ’...
162,000 vulnerable WordPress websites abused to perform DDoS Attack

162,000 vulnerable WordPress websites abused to perform DDoS Attack

DDoS attacks are a growing issue facing by governments and businesses. In a recent attack, thou...
DDoS Attacks originated from thousands of .EDU and .GOV WordPress Blogs

DDoS Attacks originated from thousands of .EDU and .GOV WordPress Blogs

In a recent cyber attack on a Forum site, thousands of outdated legitimate WordPress blogs were abus...
Thousands of Wordpress blogs compromised to perform DDOS attack

Thousands of Wordpress blogs compromised to perform DDOS attack

There is currently a Mega cyber attack campaign being launched on a large number of WordPress websi...
New Botnet Campaign 'Fort Disco' Brute-Forcing Thousands of WordPress, Joomla Websites

New Botnet Campaign 'Fort Disco' Brute-Forcing Thousands of WordPress, Joomla Websites

Password theft has been a growing problem within the security community. Researchers at Arbor Networ...
Drupal resets 1 Million Passwords after Data Breach

Drupal resets 1 Million Passwords after Data Breach

A Drupal data breach was announced by the official Drupal Association, that Passwords for almost on...
Millions of WordPress sites exploitable for DDoS Attacks using Pingback mechanism

Millions of WordPress sites exploitable for DDoS Attacks using Pingback mechanism

Distributed Denial of Service attacks have increased in scale, intensity and frequency. The wid...
Outdated version of WordPress leads to MasterCard Hack

Outdated version of WordPress leads to MasterCard Hack

On tip of a readers, yesterday we came across a new MasterCard hack, performed by  Syrian Electr...
WordPress plugin W3 Total Cache critical Vulnerability disclosed

WordPress plugin W3 Total Cache critical Vulnerability disclosed

One of the most popular Wordpress Plugin called " W3 Total Cache " which is used to Impr...
WordPress Pingback Vulnerability Serves DDoS attack feature

WordPress Pingback Vulnerability Serves DDoS attack feature

Accunetix a web application security company reported vulnerabilities found in the Wordpress Pingbac...