Over 1 million WordPress sites at risk after popular plugins hacked

Three popular plugins served malicious JavaScript through a compromised CDN.
Wired

WordPress.com Gets a New Face and Joins the JavaScript Age

The popular blogging site WordPress.com unveiled a new admin interface today for managing blogs, posting content, and reading other people's sites. If you're a regular user, you'll notice a new look ...
Bleeping Computer

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. The flaw has not received an ...
Hosted on MSN

WordPress malware uses Steam profile comments for command and control

Security researchers from GoDaddy found a cheeky new malware campaign that used comments made by Steam Community accounts as command-and-control (C2) infrastructure. Here is how the attack plays out: ...