Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites

/* * This file is part of the Symfony package. * * (c) Fabien Potencier * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\String; if (!\function_exists(u::class)) { function u(?string $string = ''): UnicodeString { return new UnicodeString($string ?? ''); } } if (!\function_exists(b::class)) { function b(?string $string = ''): ByteString { return new ByteString($string ?? ''); } } if (!\function_exists(s::class)) { /** * @return UnicodeString|ByteString */ function s(?string $string = ''): AbstractString { $string = $string ?? ''; return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string); } } Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites – OWASP Jakarta

Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites

A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code.
According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks.
“These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024,” security researcher

[ad_2]

2024-03-12 09:15:00

Categories: News

Tags: BuilderCampaignExploitsInfectMalwarePluginPopupSitesWordPress

0 Comments

Leave a Reply Cancel reply

Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions

MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan

Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection