Mastodawn

Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites

Dozens of plug-ins for the widely used open source web blogging software WordPress are now offline after a backdoor was discovered in them, used to push malicious code to any website that relied on the plug-ins. The backdoor was discovered after a new corporate owner bought these plug-ins.

#wordpress #backdoors #security #cybersecurity #hackers #hacking #hacked

https://techcrunch.com/2026/04/14/someone-planted-backdoors-in-dozens-of-wordpress-plugins-used-in-thousands-of-websites/

Someone planted backdoors in dozens of WordPress plug-ins used in thousands of websites | TechCrunch

Dozens of WordPress plug-ins were allegedly hijacked to push malware after they were sold to a new corporate owner.

TechCrunch

Analyst207 2d ago

Malicious Chrome Extensions Infiltrate Web Store, Compromise User Data

Malicious Chrome extensions, masquerading as harmless tools, have infiltrated the official Web Store, putting millions of users' data at risk by stealing sensitive tokens, planting backdoors, and running ad fraud. Over 100 of these rogue add-ons have been identified, highlighting a growing threat in a marketplace we…

https://osintsights.com/malicious-chrome-extensions-infiltrate-web-store-compromise-user-data?utm_source=mastodon&utm_medium=social

#MaliciousChromeExtensions #GoogleOauth2 #BrowserExtensions #AdFraud #Backdoors

Malicious Chrome Extensions Infiltrate Web Store, Compromise User Data

Malicious Chrome extensions infiltrate Web Store, stealing user data via OAuth2 tokens, backdoors & ad fraud; protect yourself now by reviewing your browser add-ons.

OSINTSights

Show thread

Kevin Karhan

Mar 26

@t0mn Which I think is just their means to mandate #Govware #Backdoors like #TR069…

Show thread

Kevin Karhan

Mar 24

@TheMorpheus So langsam ist die #RoteLinie erreicht, und ich hoffe dass mehr Leute zum Ergebnis kommen:

Ich bin freundlich, aber ich bin's bald nicht mehr![¹](https://www.youtube.com/watch?v=F_XCDu6GQt4)

Ist langsam die Antwort auf #Angstkultur, #Entrechtung, #Polizeistaat und #Überwachungsstaat!

Wir sehen das ja schon darin wie die #FCC aktiv importierte #Router kriminalisieren will!
- Was hindert die daran #Govware - #Backdoors wie #TR069 verpflichtend zu machen und #Aftermarket - #Firmware zu verbieten??

#Cyberfaschismus #DEpol #EUpol

AVATAR 2 | Quaritch "I'll be nice,once...then I won't" #avatar2 #avatar #avatarthewayofwater #shorts

YouTube

Show thread

Kevin Karhan

Mar 24

@blueteamsec so the #USA went full #Cyberfascism and likely the #FCC will mandate #Govware #Backdoors like #TR069 on all of them…

Show thread

Kevin Karhan

Mar 21

@burnoutqueen @aral everyone who complies with #Cyberfascism is bad.

"#AgeVerification" is also Cyberfascism. Otherwise we'll open that Pandora's box fir other horseshite:
- #UK demanding #Givware #Backdoors for #Encryption
- #Russia mandating #Doxxing of users.
- "P.R." #China mandating blockade of #Toe & #VPN
- …

Olly 👾Mar 16

Fake Zoom, Teams Meeting Invites use Compromised Certificates to Drop Malware.

A new wave of phishing attacks is hitting office workers where they feel safest- their daily meeting invites. Instead of using obvious malware, threat actors are now using stolen digital certificates to trick computers into trusting malicious files.

⁉️According to researchers from the Microsoft Defender Security Research Team, these attacks involve highly convincing fake updates for apps like Zoom, Microsoft Teams, and Adobe Reader.⁉️

https://www.microsoft.com/en-us/security/blog/2026/03/03/signed-malware-impersonating-workplace-apps-deploys-rmm-backdoors/

#zoom #microsoft #teams #adobe #reader #phishing #attacks #rmm #backdoors #it #security #privacy #engineer #media #infosec #tech #news

RedPacket Security Mar 12

Contagious Interview: Malware delivered through fake developer job interviews - https://www.redpacketsecurity.com/contagious-interview-malware-delivered-through-fake-developer-job-interviews/

#threatintel
#Contagious-Interview
#Malware
#Recruitment-Scams
#Backdoors
#Visual-Studio-Code

Contagious Interview: Malware delivered through fake developer job interviews - RedPacket Security

Microsoft Defender Experts has observed the Contagious Interview campaign, a sophisticated social engineering operation active since at least December 2022.

RedPacket Security