Over 5,000 WordPress websites are hosting a malicious script that creates an unauthorized admin account and downloads a harmful plugin, which steals sensitive data and exfiltrates it to a remote server, according to security researcher Himanshu Anand. To combat these attacks, he recommends blocking certain domains, auditing admin accounts, removing suspicious plugins, implementing multi-factor authentication, and strengthening CSRF protections.
North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to
