A malicious credit card skimmer malware has been discovered tampering with WordPress databases to collect payment details. It uses JavaScript to manipulate offending data, injecting a hidden form into webstore checkout pages, enabling it to steal user information in real time, undetected. Cybersecurity firm Sucuri advised frequent updates, regular patches and increased safeguards such as two-factor authentication to counter such attacks.

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers
Cybersecurity researchers have revealed details about Outlaw, an “auto-propagating” cryptocurrency mining botnet that targets SSH servers with weak credentials. The Romanian-origin malware performs SSH brute-force