The US Food and Drug Administration (FDA) has warned that Chinese-made patient monitor devices, Contec CMS8000 and its relabelled version, Epsimed MN-120, have a built-in backdoor leaking patient data to an unauthorised remote server, which can also execute unauthorised code on the device. These affected monitors are used in various medical settings across the US and Europe.

Hiding WordPress malware in the mu-plugins directory to avoid detection
Sucuri researchers have detected a number of cases where hackers have hidden malware within the mu-plugins directory of WordPress, which auto-loads without activation. WordPress site