Over 5,000 WordPress websites globally have been breached in a new attack campaign that creates fake admin accounts and injects malicious plugins to steal data. It is unclear how the websites were initially compromised. A security report has prompted web admins to use firewalls and other systems, scrutinize privileged accounts and plugins, and strengthen cross-site request forgery defenses. The use of multi-factor authentication was also recommended.

Mandiant warns of attacks on newly disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is