Researchers have found threat actors probing WordPress websites with Epsilon Framework themes installed on over 150,000 sites which are vulnerable to Function Injection attacks that could lead to full site takeovers. Just yesterday, they saw a surge of more than 7.5 million attacks against more than 1.5 million sites targeting these vulnerabilities, coming from over 18,000 IP addresses.
Experts Comments
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"Shadow Code introduced via third-party plugins and frameworks vastly expands the attack surface for websites...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/hackers-probing-1-5-million-wordpress-sites-with-epsilon-framework-themes
Facebook Message
@Ameet Naik, Security Evangelist , provides expert commentary at @Information Security Buzz.
"Shadow Code introduced via third-party plugins and frameworks vastly expands the attack surface for websites...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/hackers-probing-1-5-million-wordpress-sites-with-epsilon-framework-themes