ZDNet

Large-scale attack tries to steal configuration files from WordPress sites

Hackers have launched a massive campaign against WordPress websites over the past weekend, attacking old vulnerabilities in unpatched plugins to download configuration files from WordPress sites. The ...
ZDNet

Hackers are creating backdoor accounts and cookie files on WordPress sites running OneTone

Hackers are actively targeting WordPress sites running the OneTone theme to exploit a vulnerability that allows them to read and write site cookies and create backdoor admin accounts. The campaign has ...