A security researcher with a grudge is dropping Web 0days on innocent users

Image of ones and zeros with the word

(credit: Pixabay)

Over the past three weeks, a trio of critical zeroday vulnerabilities in WordPress plugins has exposed 160,000 websites to attacks that allow criminal hackers to redirect unwitting visitors to malicious destinations. A self-proclaimed security provider who publicly disclosed the flaws before patches were available played a key role in the debacle, although delays by plugin developers and site administrators in publishing and installing patches have also contributed.

Over the past week, zeroday vulnerabilities in both the Yuzo Related Posts and Yellow Pencil Visual Theme Customizer WordPress plugins, used by 60,000 and 30,000 websites respectively, have come under attack. Both plugins were removed from the WordPress plugin repository around the time the zeroday posts were published, leaving websites little choice than to remove the plugins. On Friday, Yellow Pencil issued a pa

 » Read More

Loading...

What do you think?

0 points
Upvote Downvote

Total votes: 0

Upvotes: 0

Upvotes percentage: 0.000000%

Downvotes: 0

Downvotes percentage: 0.000000%

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Loading…

Comments

comments

Microsoft reveals hackers accessed some Outlook.com accounts for months

Microsoft reveals hackers accessed some Outlook.com accounts for months

Twitch’s first game, the karaoke-style ‘Twitch Sings,’ launches to public

Twitch’s first game, the karaoke-style ‘Twitch Sings,’ launches to public