Lucene search
K

7 matches found

Rapid7 Blog
Rapid7 Blog
added 2026/03/10 1:0 p.m.19 views

When Trusted Websites Turn Malicious: WordPress Compromises Advance Global Stealer Operation

Overview Rapid7 Labs has identified and analyzed an ongoing, widespread compromise of legitimate, potentially highly trusted WordPress websites, misused by an unidentified threat actor to inject a ClickFix implant impersonating a Cloudflare human verification challenge CAPTCHA. The lure is design...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/26 10:45 a.m.3 views

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The large-scale...

7.7AI score
Exploits0
Securelist
Securelist
added 2025/08/08 9:0 a.m.6 views

Scammers mass-mailing the Efimer Trojan to steal crypto

Introduction In June, we encountered a mass mailing campaign impersonating lawyers from a major company. These emails falsely claimed the recipient's domain name infringed on the sender's rights. The messages contained the Efimer malicious script, designed to steal cryptocurrency. This script als...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/12 5:47 p.m.19 views

WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network

The threat actors behind the VexTrio Viper Traffic Distribution Service TDS have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that's designed to distribute malicious content...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/09/24 5:3 p.m.53 views

A week in security (September 17 – 23)

Last week, we took a look at a low level spam campaign on Twitter, explored the signs of falling victim to phishing, and examined a massive WordPress compromise. We also explained some SASL vulnerabilities and covered a breaking Emotet spam campaign. Other cybersecurity news: NewEgg attacked by...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2015/08/21 11:4 a.m.10 views

WordPress Hacks Behind Spike in Neutrino EK Traffic

Unsurprisingly, a rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic, researchers at Zscaler said. In a report published yesterday, Zscaler said it spotted attacks against sites running older versions of the content management system, 4.2 and earlie...

0.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2012/01/30 4:27 p.m.12 views

Massive Compromise of WordPress Sites Leads To Phoenix Exploit Kit

Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the WordPress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that wil...

7.2AI score
Exploits0References4
Rows per page
Query Builder