A malware concealed in a WordPress caching plugin can create administrative accounts for websites, allowing threat actors to take over infected sites. Researchers from Wordfence found the harmful plugin, which acts as either a standalone script or a plugin and offers remote plugin activation and content filtering capabilities. To stay protected, WordPress users should adhere to security best practices and employ security monitoring for their sites.
Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A hardware neural network backdoor that hides in plain sight
