In today’s post, we are publishing research showing a coordinated effort by the same spammer that targeted WordPress plugins over a 4.5-year period. In some cases, site owners opted in to a vague agreement that didn’t make it clear that their sites would be serving spam; in other cases, plugins were simply “backdoored” to allow posting without a site owner’s permission.
- Three More WordPress Plugins Found Hiding a Backdoor Digest Article
- Zyklon Password Stealer Exploits Microsoft Vulnerabilities via Spam Campaign Digest Article
- Threats: Social Engineering and Malicious Spam Dominate Digest Article
- Massive Email Campaign Sends Locky Ransomware to Over 23 Million Users Digest Article
- Massive Brute-Force Attack Infects WordPress Sites with Monero Miners Digest Article