Switch to the dark mode that's kinder on your eyes at night time.

Switch to the light mode that's kinder on your eyes at day time.

Switch to the dark mode that's kinder on your eyes at night time.

Switch to the light mode that's kinder on your eyes at day time.

Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network (blog.sucuri.net)

by WPNEWS team January 29, 2023, 10:48 Comments

Since late December, our team has been tracking a new spike in WordPress website infections related to the following malicious domain: track[.]violetlovelines[.]com

PublicWWW results show over 5,600 websites impacted by this malware at the time of writing, while urlscan.io shows evidence of the campaign operating since December 26th, 2022.

More From: Security

Patchstack Tracks 328% More Security Bugs Reported in WordPress Plugins in 2022 (wptavern.com)
Patchstack, a WordPress security maintenance and management tool, has published its “State of WordPress Security” whitepaper for 2022, tracking a few key metrics on publicly reported vu…
All In One SEO Pack Vulnerabilities Impacting 3 Million Sites Patched (www.wordfence.com)
On January 26, 2023, the Wordfence Team responsibly disclosed two vulnerabilities in All In One SEO Pack, a WordPress plugin installed on over 3 Million sites which provides search engine[…]
GoDaddy says a multi-year breach hijacked customer websites and accounts (arstechnica.com)
Three breaches over as many years all carried out by the same threat actor.
Multiple Authenticated SQL Injection Fixed In WP Statistics Plugin Version (patchstack.com)
If you’re a WP Statistics user, please update the plugin to at least version13.2.11. Patchstack Pro and Business users are protected from the vulnerability. You can also sign up the[…]
How to scan your WordPress instances for Security Issues using WPScan (blog.wpsec.com)
The WPScan security scanner was developed primarily for WordPress administrators and security teams to evaluate the current state of their respective WordPress installations’ level of protection against potential threats. It[…]
Fake plugin affecting WordPress sites (blog.wpscan.com)
Bad actors are abusing leaked and compromised credentials to install core-stab fake plugin on WordPress sites.More

Patchstack Tracks 328% More Security Bugs Reported in WordPress Plugins in 2022 (wptavern.com)

All In One SEO Pack Vulnerabilities Impacting 3 Million Sites Patched (www.wordfence.com)

GoDaddy says a multi-year breach hijacked customer websites and accounts (arstechnica.com)

Multiple Authenticated SQL Injection Fixed In WP Statistics Plugin Version (patchstack.com)