Getresponse | Breaking Cybersecurity News | The Hacker News

Yesterday I have reported about a huge mysterious hack in wordpress servers, that cause compromise of 15000 wordpress account and hacker managed to post same spam article of " Money making sites " with title - " Im getting paid! " on each blog. We explained how hacker was earning in thousands of dollars by just sharing his Referral link on all these hacked sites. The campaign include some malicious domains where hacker is redirecting all readers and service from a well known email marketing company - Getresponse . Using the same dork -- site:wordpress.com "Im getting paid!" , today we tried to find out number of hacked accounts and once again another shocking number - its 59300 blogs in compromised list on 2nd day of hacking campaign. So many blogs have been compromised without any known method and wordpress team still not in action. As mentioned in last article, yesterday I tried to contact with Getresponse response team whose Email ser

Wordpress Security Team is sending out warning messages to thousands of wordpress users that their account has been compromised recently. Warning message include " We recently detected suspicious activity on your WordPress.com account. To protect your identity and keep your site safe, we've reset your password. " Message continue " To reset your password and get access to your account and blog, please visit WordPress.com. Click on "Forgot password?" in the Login toolbar to get started. It is very important that your password be unique because using the same password across different web applications increases the risk of your account being hacked. " Note: Wordpress officially has not announce yet any security breach news on their website, but these warning mails are silently received by compromised account holders. Method of hack is still not confirmed. But hacking 15000 blogs from wordpress server and posting same article on all sites most obvious can

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard human identities, a pressing question arises: How do we guarantee the security and integrity of these non-human counterparts? How do we authenticate, authorize, and regulate access for entities devoid of life but crucial for the functioning of critical systems? Let's break it down. The challenge Imagine a cloud-native application as a bustling metropolis of tiny neighborhoods known as microservices, all neatly packed into containers. These microservices function akin to diligent worker bees, each diligently performing its designated task, be it processing data, verifying credentials, or