Huge cybercrime attack sees 390,000 WordPress websites hit, details stolen

Huge cybercrime attack sees 390,000 WordPress websites hit, details stolen

Researchers found a malicious package on NPM, uploaded a year ago; It was benign at first, and introduced malware later via an update; The...
2 days ago
from: MSN

Continue reading...
Computer security, Credential, Cybercrime, Threat actor, WordPress
More about this
- Yearlong Cyberattack Targets Security Workers
A yearlong cyberattack has been stealing login credentials from security personnel by infecting them with Trojanized open source software.
from: PYMNTS.com
- 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated...
from: The Hacker News
- Yearlong supply-chain attack targeting security pros steals 390K credentials
A sophisticated and ongoing supply-chain attack operating for the past year has been stealing sensitive login credentials from both...
from: Ars Technica
- 390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390000 WordPress credentials in a large-scale, year-long campaign targeting other threat...
from: BleepingComputer