Morning Overview on MSN

A single flaw in the WordPress plugin Everest Forms lets attackers seize full control of a website, and thousands are exposed

Website owners running the Everest Forms Pro plugin for WordPress face an urgent threat: a single vulnerability, tracked as ...

Experts claim WordPress sites are being hijacked using a critical flaw in popular plugin

A popular WordPress plugin is once again being leveraged in website takeover attacks.
Threat Post

Updates Fix PHP-Injection Flaw in Popular WordPress Plugins

A pair of popular WordPress plugins used to help sites cache content have fixed serious vulnerabilities that attackers could exploit simply by including special HTML code in a comment. Both WP Super ...
Infosecurity Magazine

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

A critical vulnerability in the Everest Forms Pro plugin for WordPress has been actively exploited to hijack vulnerable ...
Business Wire

Polyverse Thwarts PHP Vulnerabilities, WordPress Attacks

BELLEVUE, Wash.--(BUSINESS WIRE)--Polyverse Corporation today announced its R&D project, Polyscripting, stops all PHP code injection and execution vulnerabilities detailed in a whitepaper recently ...
Dark Reading

TellYouThePass Ransomware Group Exploits Critical PHP Flaw

A threat group is exploiting a critical, easily exploitable PHP bug for remote code execution (RCE) in living-off-the-land style ransomware attacks that target businesses and individuals running both ...
Bleeping Computer

Latest Code Injection news

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability.
SecurityWeek

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers

Hackers are exploiting a critical vulnerability in Mirasvit Full Page Cache Warmer to execute code remotely on Magento ...