A malware campaign targeted 5,000 WordPress sites, enabling unauthorized admin users to download dangerous plugins. WordPress users are advised to check site security and remove suspicious plugins and unauthorized admins. C/side, the company reporting the campaign, recommends blocking the domain wp3[.]xyz, implementing multifactor authentication and taking measures to protect against Cross-Site Request Forgery (CSRF) attacks. Users are also advised to verify plugin sources are reputable.

HSCC Urges White House to Shift Gears on Health Cyber Regs
The Health Sector Coordinating Council (HSCC) has asked the Trump administration to stop work on a proposed update to the HIPAA security rule and instead