SC Media

Malicious plugin installed backdoor on 200,000 WordPress websites

A very persistent malicious actor added a backdoor to a WordPress plugin called Display Widgets that installed backdoors on possibly 200,000 websites since June 21. The hacker used the open-source ...
Ars Technica

WordPress plugin installed on 1 million+ sites logged plaintext passwords

All-In-One Security, a WordPress security plugin installed on more than 1 million websites, has issued a security update after being caught three weeks ago logging plaintext passwords and storing them ...
TechRepublic

How to install and use InVID, a plugin to debunk fake news and verify videos and images

How to install and use InVID, a plugin to debunk fake news and verify videos and images Your email has been sent Image: Lightspring/Shutterstock Must-read security ...
Bleeping Computer

Unsafe WordPress Plugin Installed on Nearly 200,000 Sites

The developers of the ThemeGrill Demo Importer for WordPress have updated the plugin to remove a critical bug that gives admin privileges to unauthenticated users. In the process of getting logged in ...