See here for what I have written about WordPress this week: Let’s Talk About WordPress …and if you do not think hackers go after WordPress and it’s plugins, then read this: Hackers target 1.5M WordPress sites with cookie consent plugin exploit (bleepingcomputer.com)
Millions of websites use WordPress…
…which makes them a juicy target for threat actors if they can find a bug in code or plugins. That was the topic of yesterday’s article on CyberAwake: Let’s Talk About WordPress – CyberAwake This is an article about governance – not a technical article – so if you are …
Code Supply Chain Compromise
It is a while since I have written about the issue of compromising code in software repositories being an attack vestor for threat actor bit it has not gone away. Malicious Microsoft VSCode extensions steal passwords, open remote shells (bleepingcomputer.com) Software and web developers everywhere will access code from these …
Another WordPress Vulnerability
WordPress is an extremely popular platform for producing web content – so threat actors are constantly probing it looking for gaps in the security. The popular plug-ins also make great targets because if their security fails the potential victims can number in the many thousands. Or millions. WordPress Elementor plugin …
WordPress plugin vulnerability
A vulnerable WordPress plugin is in the news. The Advanced Custom Fields plugin needs to be updated or your site is vulnerable: WordPress plugin flaw puts ‘millions of websites’ at risk • The Register If you use this get it updated now. Do you know if your website uses this …
