Bleeping Computer

Over 6,000 WordPress sites hacked to install plugins pushing infostealers

WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing ...
Bleeping Computer

Hunk Companion WordPress plugin exploited to install vulnerable plugins

Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing ...
TechRadar

Another major WordPress plugin has been hacked to try and hijack your sites

Researchers from WPScan find flaw in Hunk Companion, a plugin with roughly 10,000 users The flaw allows crooks to install other plugins from the WP repository, including those with known RCE flaws ...