Ancestors

Written by Lorenzo Franceschi-Bicchierai on 2025-01-29 at 22:09

NEW: Hackers are hijacking several WordPress sites to "spray and pray" Windows and MacOS infostealing malware, according to a cybersecurity firm.

Company says there are thousands of compromised websites and as of yesterday the hacking campaign was “very much live.”

The websites were displaying a fake Chrome browser update page, we saw one of these pages yesterday.

https://techcrunch.com/2025/01/29/hackers-are-hijacking-wordpress-sites-to-push-windows-and-mac-malware/

=> More informations about this toot | More toots from lorenzofb@infosec.exchange

Written by Lorenzo Franceschi-Bicchierai on 2025-01-30 at 21:18

We updated the story to include Automattic's comment, which they send today.

https://techcrunch.com/2025/01/29/hackers-are-hijacking-wordpress-sites-to-push-windows-and-mac-malware/

=> View attached media

=> More informations about this toot | More toots from lorenzofb@infosec.exchange

Written by Joe Brockmeier (@jzb) on 2025-01-31 at 03:07

@lorenzofb should “spray and pay” be “spray and pray”?

=> More informations about this toot | More toots from jzb@mastodon.social

Toot

Written by Lorenzo Franceschi-Bicchierai on 2025-01-31 at 13:22

@jzb Good catch. Fixed.

=> More informations about this toot | More toots from lorenzofb@infosec.exchange

Descendants

Written by Joe Brockmeier (@jzb) on 2025-01-31 at 13:40

@lorenzofb My super power is catching other people's typos. My kryptonite is my own typos...

=> More informations about this toot | More toots from jzb@mastodon.social