Tag: backdoors
6 articles

WordPress Plugins Compromised to Deploy Hidden Backdoors
Over 1.2 million WordPress sites are potentially at risk after a security breach compromised three popular plugins, allowing hackers to secretly install backdoors and gain admin access. The sneaky attack injects malicious code that only kicks in when a logged-in administrator visits the site, putting unsuspecting site owners in the dark.

Webworm Expands Arsenal with EchoCreep, GraphWorm Backdoors
Meet Webworm's latest tricks: EchoCreep and GraphWorm, two custom backdoors that let the China-aligned actor control and manipulate systems using unconventional channels like Discord and Microsoft Graph API. These new tools enable file uploads, downloads, and command execution, showcasing Webworm's creative approach to cyber threats.

Eset Exposes Chinese Hackers' Careless Backdoor Tactics
Chinese hackers have been caught off guard by their own carelessness, leaving behind a digital trail that exposed their previously undetected backdoor tactics. Researchers uncovered over 9,000 messages revealing the attackers' testing systems and habits, leading to the identification of a Chinese nation-state actor dubbed GopherWhisper.

Iran Accuses US of Using Backdoors to Disrupt Networking Gear
Iranian media is accusing the US of sneaking backdoors into networking gear to disrupt operations amid the ongoing war, with Chinese state media echoing the claims globally. But what's really at stake when these explosive cyber-accusations make international headlines?

Malicious Chrome Extensions Infiltrate Web Store, Compromise User Data
Malicious Chrome extensions, masquerading as harmless tools, have infiltrated the official Web Store, putting millions of users' data at risk by stealing sensitive tokens, planting backdoors, and running ad fraud. Over 100 of these rogue add-ons have been identified, highlighting a growing threat in a marketplace we thought was safe.

Hackers Exploit Smart Slider Plugin to Deploy Malicious Code
Hackers have hijacked the update system for the popular Smart Slider 3 Pro plugin, deploying a malicious release that lets them take control of affected websites. This alarming breach highlights the vulnerability of even trusted software update channels to exploitation.