Wordpress

2 minute read

Security

Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins

Mass exploitation attacks are once again targeting WordPress websites, this time through serious vulnerabilities in two popular plugins,…

byWaqas

October 28, 2025

Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit

3 minute read

Security

Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit

An Authentication Bypass (CVE-2025-5947) in Service Finder Bookings plugin allows any unauthenticated attacker to log in as an administrator. Over 13,800 exploit attempts detected. Update to v6.1 immediately.

byDeeba Ahmed

October 10, 2025

Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts

2 minute read

Security

Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts

If you’re running a WordPress site and rely on the Post SMTP plugin for email delivery, there’s something…

byWaqas

July 28, 2025

2 minute read

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection.

byDeeba Ahmed

June 25, 2025

2 minute read

Sneaky WordPress Malware Disguised as Anti-Malware Plugin

WordPress sites are under threat from a deceptive anti-malware plugin. Learn how this malware grants backdoor access, hides…

byDeeba Ahmed

April 30, 2025

2 minute read

Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores

Cybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy…

byDeeba Ahmed

April 3, 2025

2 minute read

Black Basta-Style Cyberattack Hits Inboxes with 1,165 Emails in 90 Minutes

A recent cyberattack, mimicking the tactics of the notorious Black Basta ransomware group, targeted one of SlashNext’s clients.…

byDeeba Ahmed

January 15, 2025

3 minute read

New PhishWP Plugin on Russian Forum Turns Sites into Phishing Pages

SlashNext has discovered a malicious WordPress plugin, PhishWP, which creates convincing fake payment pages to steal your credit card information, 3DS codes, and personal data.

byWaqas

January 6, 2025

4 minute read

Hackers Use Fake PoCs on GitHub to Steal WordPress Credentials, AWS Keys

SUMMARY Datadog Security Labs’ cybersecurity researchers have discovered a new, malicious year-long campaign from a threat actor identified…

byDeeba Ahmed

December 17, 2024

2 minute read

Facial DNA provider leaks biometric data via WordPress folder

ChiceDNA exposed 8,000 sensitive records, including biometric images, personal details, and facial DNA data in an unsecured WordPress…

byWaqas

September 30, 2024

The Latest

Hackers Spread Fake Red Alert Rocket Alert App to Spy on Israeli Users

900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks

Cisco Patches 48 Firewall Vulnerabilities with Two CVSS 10 Flaws

Wordpress

Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins

Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit

Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

Sneaky WordPress Malware Disguised as Anti-Malware Plugin

Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores

Black Basta-Style Cyberattack Hits Inboxes with 1,165 Emails in 90 Minutes

New PhishWP Plugin on Russian Forum Turns Sites into Phishing Pages

Hackers Use Fake PoCs on GitHub to Steal WordPress Credentials, AWS Keys

Facial DNA provider leaks biometric data via WordPress folder

Reclaim Security Raises $26M to Eliminate the 27-Day Remediation Gap

Archipelo and Checkmarx Announce Partnership Connecting AppSec Detection with DevSPM

Criminal IP to Present Decision-Ready Threat Intelligence at RSAC™ 2026

Link11 Releases European Cyber Report 2026: DDoS Attacks Become a Constant Threat

One Identity Appoints Michael Henricks as Chief Financial and Operating Officer